by golangman 3377 days ago
Why do those policies make it there in the first place? Could you share some scenarios? I'd love to improve the manageability of policies :)

The hydra ( http://github.com/ory/hydra ) project for example has groups, which allow you to set e.g. an admin group and then assign people to it. I think this helps a lot with managing policies!


It almost always comes down to complexity.

The inclusion of boolean logic in the policies is the root cause.

Specifically, having not resources, or not principals and their interaction with the other policies in the account.

The second highest common cause is misunderstanding how the default deny works.

Again, not really an issue with the ladon project, but more an observation on how added power (complexity) to access control systems can sometimes make things less secure.

Just to give an example of the pain that can be caused by NotAction in practice: https://www.reddit.com/r/aws/comments/3recc9/this_iam_policy...

This policy looks reasonable to a casual observer, but actually gives * access to everything in the account. IAM policies are _hard_.
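As an added illustration (not code from this thread, from the linked reddit post, or from the ladon/hydra projects): a minimal Python evaluator for the three IAM rules the comment above leans on, default deny, explicit Deny overriding Allow, and NotAction matching everything not listed, run over a constructed NotAction policy and a constructed equivalent written with a scoped Allow plus an explicit Deny. The policies, bucket name and actions are made up for the example.

```python
import fnmatch


def _matches(patterns, value):
    """IAM-style wildcard match ('*' and '?') against one or more patterns."""
    if isinstance(patterns, str):
        patterns = [patterns]
    return any(fnmatch.fnmatchcase(value, p) for p in patterns)


def _statement_applies(stmt, action, resource):
    """NotAction/NotResource apply to everything that is NOT listed."""
    if "Action" in stmt:
        action_ok = _matches(stmt["Action"], action)
    else:
        action_ok = not _matches(stmt["NotAction"], action)
    if "Resource" in stmt:
        resource_ok = _matches(stmt["Resource"], resource)
    else:
        resource_ok = not _matches(stmt["NotResource"], resource)
    return action_ok and resource_ok


def evaluate(policies, action, resource):
    """Default deny: a request is allowed only if some statement allows it
    and no applicable statement denies it (explicit Deny always wins)."""
    allowed = False
    for policy in policies:
        for stmt in policy["Statement"]:
            if not _statement_applies(stmt, action, resource):
                continue
            if stmt["Effect"] == "Deny":
                return "Deny"
            allowed = True
    return "Allow" if allowed else "Deny"


# Constructed policy: the author meant "no IAM actions", but an Allow with
# NotAction grants every action that is not iam:* on every resource.
NOTACTION_POLICY = {"Statement": [
    {"Effect": "Allow", "NotAction": "iam:*", "Resource": "*"}]}

# Constructed policy with the same intent: grant only what is needed and
# state the IAM exclusion as an explicit Deny, which no Allow can override.
EXPLICIT_DENY_POLICY = {"Statement": [
    {"Effect": "Allow", "Action": "s3:Get*",
     "Resource": "arn:aws:s3:::app-bucket/*"},
    {"Effect": "Deny", "Action": "iam:*", "Resource": "*"}]}

if __name__ == "__main__":
    for name, pol in (("NotAction", NOTACTION_POLICY), ("ExplicitDeny", EXPLICIT_DENY_POLICY)):
        for act, res in (("s3:GetObject", "arn:aws:s3:::app-bucket/k"),
                         ("s3:DeleteBucket", "arn:aws:s3:::app-bucket"),
                         ("iam:CreateUser", "*")):
            print(name, act, evaluate([pol], act, res))
```

Running it shows the NotAction policy allowing `s3:DeleteBucket` (and anything else outside `iam:*`), while the explicit-deny version falls back to the default deny for every action it does not name.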

Yeah, I can see how using "Not" as opposed to "Inverted" would trip up people here. However, I would say that's a naming issue and (for some reason) a resiliency to using explicit deny policies.