Delegate Permission Management to Employees by Using IAM Permissions Boundaries

Posted on: Jul 12, 2018

Now, AWS Identity and Access Management (IAM) makes it easier for you to delegate IAM permissions management to trusted employees by using IAM permissions boundaries. With this new capability, you can help your organization scale and move workloads to AWS faster.

IAM policies enable you to grant employees and applications access to AWS services, actions, and resources. As your organization grows, you might want to allow trusted employees to configure and manage IAM permissions to help your organization scale permission management and move workloads to AWS faster. For example, you might want to grant a developer the ability to create and manage permissions for an IAM role required to run an application on Amazon EC2. Now, you can set a permissions boundary to control the maximum permissions employees can grant to the IAM principals (users and roles) that they create and manage.  
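As an added illustration of the delegation described above (not part of the original announcement), the following identity policy could be attached to the developer. The account ID `111122223333`, the `app-*` role name prefix, and the `DeveloperBoundary` managed policy name are assumed placeholders; the `Sid` values label each statement's purpose.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ManageAppRolesOnlyWithBoundary",
      "Effect": "Allow",
      "Action": [
        "iam:CreateRole",
        "iam:AttachRolePolicy",
        "iam:DetachRolePolicy",
        "iam:PutRolePolicy",
        "iam:DeleteRolePolicy",
        "iam:PutRolePermissionsBoundary"
      ],
      "Resource": "arn:aws:iam::111122223333:role/app-*",
      "Condition": {
        "StringEquals": {
          "iam:PermissionsBoundary": "arn:aws:iam::111122223333:policy/DeveloperBoundary"
        }
      }
    },
    {
      "Sid": "DenyRemovingBoundary",
      "Effect": "Deny",
      "Action": "iam:DeleteRolePermissionsBoundary",
      "Resource": "*"
    },
    {
      "Sid": "DenyEditingBoundaryPolicy",
      "Effect": "Deny",
      "Action": [
        "iam:CreatePolicyVersion",
        "iam:DeletePolicyVersion",
        "iam:SetDefaultPolicyVersion",
        "iam:DeletePolicy"
      ],
      "Resource": "arn:aws:iam::111122223333:policy/DeveloperBoundary"
    }
  ]
}
```

A role created under this policy can use only the permissions allowed by both its own policies and `DeveloperBoundary`, so attaching a broader policy to the role does not widen its access. The two `Deny` statements keep the developer from removing the boundary from a role or rewriting the boundary policy itself.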

AWS IAM is a global service and this new feature is available in all AWS regions. Learn more by reading the AWS IAM documentation for permissions boundaries.