Policy syntax and inheritance for management policy types - AWS Organizations

Policy syntax and inheritance for management policy types

Exactly how policies affect the OUs and accounts that inherit them depends on the type of management policy you choose. Management policy types include:

The syntax for management policy types includes Inheritance operators, which enable you to specify with fine granularity what elements from the parent policies are applied and what elements can be overridden or modified when inherited by child OUs and accounts.

The effective policy is the set of rules that are inherited from the organization root and OUs along with those directly attached to the account. The effective policy specifies the final set of rules that apply to the account. You can view the effective policy for an account that includes the effect of all of the inheritance operators in the policies applied. For more information, see Viewing effective management policies.