# Access management

{% hint style="info" %}
This page was generated from content adapted from the [AWS Developer Guide](https://github.com/awsdocs/iam-user-guide.git)
{% endhint %}

## Permissions required

* **Note**\
  Throughout the AWS documentation, when we refer to an IAM policy without mentioning any of the specific categories, we mean an identity-based, customer managed policy. For details about policy categories, see [Policies and permissions in IAM](https://github.com/kevinslin/aws-reference-notes/blob/main/services/aws_identity_and_access_management_iam/access_policies.md).
* **Note**\
  Some services support resource-based policies as described in [Identity-based policies and resource-based policies](https://github.com/kevinslin/aws-reference-notes/blob/main/services/aws_identity_and_access_management_iam/access_policies_identity-vs-resource.md) (such as Amazon S3, Amazon SNS, and Amazon SQS). For those services, an alternative to using roles is to attach a policy to the resource (bucket, topic, or queue) that you want to share. The resource-based policy can specify the AWS account that has permissions to access the resource.