Last updated：2021-10-29 17:57:40
A permission specifies whether to allow or deny some operations on the corresponding resources in specific conditions. A policy is a set of permissions.
Permissions indicate whether a user is allowed to perform a specific operation on a resource. Permissions include Allow and Deny.
Policies are a set of permissions defined based on the policy syntax and structure, which can accurately describe the authorized resource set, operation set, and authorization conditions.
Identity and Access Management (IAM) supports the following two types of policies:
Authorization is the operation of granting permissions necessary for specific work to the corresponding identity (IAM user, IAM group, or IAM role). After obtaining the permissions, the identity can access the corresponding cloud service and perform required operations.