Setting limitations, permission boundaries
if you’d like you can set a boundary which is different then simply setting a policy. a boundary is a roof which permission policies cannot exceed
https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
A permissions boundary is an advanced feature for using a managed policy to set the maximum permissions that an identity-based policy can grant to an IAM entity
remove principal
now that you’ve created a policy lets keep going with creating a user
in order for you to upload to bucket you must add permissions, the boundary only sets limitations but doesn’t actually set permissions
