You can now create custom IAM (Identity and Access Management) policy documents from the IAM tab of the AWS Management Console. You can use a custom policy document to gain access to a number of advanced IAM features such as limiting access by user agent, time, or IP address, requiring a secure transport, or even enabling cross-account access to selected AWS resources.
Here's a tour! The first step is to click on the Attach User Policy button (you can also do this for IAM groups):
There's a new Policy Generator option:
The Policy Generator allows you to create policy documents for any AWS service that is supported by IAM:
After selecting a service you can choose to allow or deny any number of actions in the policy document that you create:
You can also attach any number of conditions to each of your policies:
If this looks like something that you could use, then I suggest that you head over to the AWS Management Console today and create some policies! I suggest that you review the Permissions and Policies section of the IAM documentation to make sure that you are taking advantage of the power and flexibility of IAM.