AWS News Blog

Integrated IAM Policy Generator

You can now create custom IAM (Identity and Access Management) policy documents from the IAM tab of the AWS Management Console. You can use a custom policy document to gain access to a number of advanced IAM features such as limiting access by user agent, time, or IP address, requiring a secure transport, or even enabling cross-account access to selected AWS resources.

Here’s a tour! The first step is to click on the Attach User Policy button (you can also do this for IAM groups):

There’s a new Policy Generator option:

The Policy Generator allows you to create policy documents for any AWS service that is supported by IAM:

After selecting a service you can choose to allow or deny any number of actions in the policy document that you create:

You can also attach any number of conditions to each of your policies:
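As an added example (hand-written here, not taken from the original post or from the generator's output), this policy document combines three of the conditions mentioned above: source IP address, time window, and secure transport. The bucket name, IP range, dates, and `Sid` values are constructed placeholders; conditions inside one statement are ANDed, so the Allow applies only when the IP and both date checks match, while the separate Deny rejects any request not sent over TLS.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ExampleAllowReadFromOfficeRangeInWindow",
      "Effect": "Allow",
      "Action": ["s3:GetObject", "s3:ListBucket"],
      "Resource": [
        "arn:aws:s3:::example-bucket",
        "arn:aws:s3:::example-bucket/*"
      ],
      "Condition": {
        "IpAddress": {"aws:SourceIp": "203.0.113.0/24"},
        "DateGreaterThan": {"aws:CurrentTime": "2024-01-01T00:00:00Z"},
        "DateLessThan": {"aws:CurrentTime": "2024-12-31T23:59:59Z"}
      }
    },
    {
      "Sid": "ExampleDenyWithoutSecureTransport",
      "Effect": "Deny",
      "Action": "s3:*",
      "Resource": [
        "arn:aws:s3:::example-bucket",
        "arn:aws:s3:::example-bucket/*"
      ],
      "Condition": {
        "Bool": {"aws:SecureTransport": "false"}
      }
    }
  ]
}
```

The user agent condition (`aws:UserAgent`) is omitted because the value is supplied by the client and can be set to anything, so it is not suitable as an access control on its own.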

If this looks like something that you could use, then I suggest that you head over to the AWS Management Console today and create some policies! I also suggest that you review the Permissions and Policies section of the IAM documentation to make sure that you are taking advantage of the power and flexibility of IAM.

— Jeff;