AWS IAM is hard to learn from docs alone. The evaluation logic only really clicks after enough trial and error: identity policies, resource policies, SCPs, permissions boundaries, and explicit deny precedence all interact in non-obvious ways.

I built Learn AWS IAM to make that process more hands-on. It's 12 interactive levels that run entirely in the browser. No AWS account, no signup, free, open source. Inspired by Learn Git Branching.

Each level gives you a scenario: a user needs to read from one S3 bucket but not another, an EC2 role needs to assume a role in a different account, an SCP is blocking something it shouldn't. You read the existing policies, figure out what's wrong, and edit JSON until the request evaluates the way it should.
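The kind of layered evaluation these scenarios exercise can be sketched as a small evaluator. This is an added example, not code from Learn AWS IAM. It assumes a same-account request with one identity policy, one SCP and one permissions boundary, and ignores resource-based policies, session policies, `Condition`, `NotAction` and `NotResource`; the bucket names and policies are constructed.

```python
import re

def _as_list(v):
    return v if isinstance(v, list) else [v]

def _glob(pattern, value, flags=0):
    # IAM wildcards: * matches any run of characters, ? matches exactly one.
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, value, flags) is not None

def effects(policy, action, resource):
    """Effects of every statement in the policy that matches the request."""
    found = set()
    for s in _as_list(policy["Statement"]):
        # Action names are case-insensitive; this sketch matches ARNs case-sensitively.
        if (any(_glob(a, action, re.I) for a in _as_list(s["Action"]))
                and any(_glob(r, resource) for r in _as_list(s["Resource"]))):
            found.add(s["Effect"])
    return found

def evaluate(action, resource, identity, scp=None, boundary=None):
    layers = [("identity policy", identity)]
    if scp is not None:
        layers.append(("SCP", scp))
    if boundary is not None:
        layers.append(("permissions boundary", boundary))
    results = [(name, effects(p, action, resource)) for name, p in layers]
    # 1. An explicit Deny in any layer wins, whatever the other layers allow.
    for name, eff in results:
        if "Deny" in eff:
            return "Deny", f"explicit deny in {name}"
    # 2. Otherwise every layer must contain an Allow; a missing one is an implicit deny.
    for name, eff in results:
        if "Allow" not in eff:
            return "Deny", f"implicit deny: no allow in {name}"
    return "Allow", "allowed by every layer"

# Constructed sample policies (bucket names are placeholders).
IDENTITY = {"Statement": [{"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}
SCP = {"Statement": [
    {"Effect": "Allow", "Action": "*", "Resource": "*"},
    {"Effect": "Deny", "Action": "s3:*", "Resource": "arn:aws:s3:::example-restricted/*"}]}
BOUNDARY = {"Statement": [{"Effect": "Allow", "Action": "s3:GetObject",
                           "Resource": "arn:aws:s3:::example-public/*"}]}

if __name__ == "__main__":
    for act, res in [("s3:GetObject", "arn:aws:s3:::example-public/a.txt"),
                     ("s3:PutObject", "arn:aws:s3:::example-public/a.txt"),
                     ("s3:GetObject", "arn:aws:s3:::example-restricted/a.txt")]:
        print(act, res, "->", evaluate(act, res, IDENTITY, SCP, BOUNDARY))
```

The broad `s3:*` identity policy is narrowed twice: the boundary leaves only `s3:GetObject` on the public bucket, and the SCP's explicit deny blocks the restricted bucket regardless of the allows around it.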

Topics covered across the 12 levels:

Identity-based and resource-based policies