Explanation: When you attach a policy to a user or group of users to control access to your load balancer, it al-lows or denies the users permission to perform the specified tasks on the specified resources. An IAM policy is a JSON document that consists of one or more statements. Each statement is structured as follows:
Effect: The effect can be Allow or Deny. By default, IAM users don’t have permission to use re-sources and API actions, so all requests are denied. An explicit allow overrides the default. An ex-plicit deny overrides any allows.
Action: The action is the specific API action for which you are granting or denying permission. Resource: The resource that’s affected by the action. With many Elastic Load Balancing API ac-tions, you can restrict the permissions granted or denied to a specific load balancer by specifying its Amazon Resource Name (ARN) in this statement. Otherwise, you can use the * wildcard to specify all of your load balancers. Condition: You can optionally use conditions to control when your policies in effect. Reference:
http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGui…