Are you interested in learning how to control access to your AWS resources? Have you ever wondered how to best scope down permissions to achieve least privilege permissions access control? If your answer to these questions is "yes," this session is for you. We will take an in-depth look at the AWS Identity and Access Management (IAM) policy language. We will start with the basics of the policy language and how to create and attach policies to IAM users, groups, and roles. As we dive deeper, we will explore policy variables, conditions, and other tools to help you author least privilege policies. Throughout the session, we will cover some common use cases, such as granting a user secure access to an Amazon S3 bucket or locking down access to Amazon EC2 instances. The demonstrations will use tools such as the policy editor and policy simulator to debug policies.