Using AWS Identity and Access Management (IAM) to grant access only to the resources needed to perform a task is a concept known as:
When you create IAM policies, follow the standard security advice of granting least privilege, or granting only the permissions required to perform a task.Determine what users (and roles) need to do and then craft policies that allow them to perform only those tasks.https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html