Last updated：2021-10-29 17:57:25
This topic describes how to create a custom policy when the system policies cannot meet your requirements. Custom policies enable you to manage permissions in a more fine-grained manner and can satisfy different permission management requirements.
You have been familiar with the basic structure and syntax of policies. For more information, see Policy elements.
- Product Features / Project Permissions: IAM allows you to create a custom policy by selecting required services and features. This method is suitable for customers who need to control permissions but the requirements are not complex.
- Visual configuration: We recommend that you preferentially create a custom policy in the visual configuration mode, which is easy and flexible. You only need to select services and actions, and specify resources. The system automatically generates the policy for you.
- Policy grammar: You can create a custom policy by directly editing the policy document. This method enables you to control the permission granularity in a flexible way, and is suitable for customers who need more fine-grained permission control.
- Authorization by tag: This method allows you to quickly assign tagged resources to users or groups.
You can attach the custom policy to IAM users, groups, or roles.