November 18, 2020 / Eternal Team
Identity access management is user defined user access permissions within AWS, here are three different types of IAM policies.
1. Managed policies
2. Customer managed policies
3. Inline policies
Managed policy is an IAM policy, which is created and administered by AWS, and they provide managed policies for really common use cases based on different scenarios.
DynamoDB full access, EC2 read only access etc
There’s one important thing to know about the managed policies is that you cannot change the permissions defined in an AWS managed policy.
Customer managed policies is a standalone policy that you create and administer inside your own AWS account.
You can attach this policy to multiple users, groups, and roles,but only within your own account and to create a customer managed policy, you can also take a copy of an existing AWS managed policy,
inline policy is an identity access management policy, which is actually embedded within the user, group or role to which it applies and there’s a strict once one relationship between the entity and the policy.
That means you cannot attach an inline policy to multiple users, groups,or roles and when you delete the user ,group or role in which the inline policy is embedded, the policy will also be deleted.
And in most cases,AWS recommends using managed policies over inline policies.
You can find inline policy on left corner.here you can see
IAM is a service to create and manage all types of IAM policies (managed policies and inline policies). And learn about its policy type