Defining policies

Policies declare what services a user or a group can access and the level of access (read-only, full access, and so forth). You can define global policies that take care of several services at the same time and attach them to groups of users, or you can attach specific mono-service policies to your user. This is what we'll do now.

Once you have created your user and downloaded its credentials, you end up on the IAM user dashboard with a list of all your created users. Select the AML@Packt user and the permissions tab. Check all the services you know that the user will need to access. In our case, we select two services each with full access, which will be sufficient to explore the Amazon Machine Learning service:

• Amazon Machine Learning Full Access
• Amazon S3 Full Access

We will add other policies to these users to enable other services (Athena, RedShift, RDS, and so on) as needed later on.