# Deprecated Amazon managed policies To simplify the assignment of permissions, Amazon provides [managed policies](access_policies_managed-vs-inline.md)—predefined policies that are ready to be attached to your IAM users, groups, and roles. Sometimes Amazon needs to add a new permission to an existing policy, such as when a new service is introduced. Adding a new permission to an existing policy does not disrupt or remove any feature or ability. However, Amazon might choose to create a *new* policy when the needed changes could impact customers if they were applied to an existing policy. For example, removing permissions from an existing policy could break the permissions of any IAM entity or application that depended upon it, potentially disrupting a critical operation. Therefore, when such a change is required, Amazon creates a completely new policy with the required changes and makes it available to customers. The old policy is then marked *deprecated*. For more information, see [Deprecated Amazon managed policies](https://docs.amazonaws.cn//aws-managed-policy/latest/reference/about-managed-policy-reference.html#deprecated-managed-policies) in *Amazon Managed Policy Reference Guide*.