The AWS reference documentation has an amazing level of depth and information. Its organization, however, is lacking, not unlike the “SDK Documentation” of previous eras.
Creating AWS IAM policies is at the heart of creating secure AWS environments. And although there are many samples in the AWS documentation, eventually you have to dive into “What is every conceivable way I could code an IAM policy to meet a very specific configuration requirement?”
This is where I find the IAM documentation falls down: comprehensive, up-to-date lists of all the options that can be used in an IAM policy for a given IAM element, especially when it comes to the super-useful aspect of setting conditions in policies.
Many of these elements vary on a per-AWS-service basis, so you can’t assume that a given data element or condition that can be set for one service can be set for the service you currently need to configure.
Well, I guess someone else had that same frustration, because this reference website does just that: a top-notch, comprehensive, well-presented and excellent reference on conditions!