A fine-grained policy is a set of permissions defining which operations on which cloud services can be performed. Each policy can define multiple permission sets. After a policy is granted to a user group, users in the user group obtain the permissions of the policy. IAM implements fine-grained permission management based on the permissions defined by policies.
IAM supports two types of policies: