You manage access in AWS by creating policies and attaching them to IAM identities or AWS
resources. A policy is an object in AWS that, when associated with an entity or resource,
defines their permissions. AWS evaluates these policies when a principal, such as a user,
makes a request. Permissions in the policies determine whether the request is allowed or
denied. Most policies are stored in AWS as JSON documents