In part 1, we discussed authentication options in both AWS and Azure. In this post, we will discuss the authorization options. As described in part 1, AWS makes use of a combination of user policies and resource policies to govern access. User policies are only used if the user trying to access the objects are IAM users. In this way, cross account access is also supported.