Open
Description
The documentation provided here: https://docs.amplify.aws/javascript/build-a-backend/storage/configure-access/ describes the different access levels of the S3 storage.
- Guest: Accessible by all users of your app. Files are stored under the public/ path in your S3 bucket.
- Protected: Readable by all users, but writable only by the creating user. Files are stored under protected/{user_identity_id}/ where the user_identity_id corresponds to the unique Amazon Cognito Identity ID for that user.
- Private: Only accessible for the individual user. Files are stored under private/{user_identity_id}/ where the user_identity_id corresponds to the unique Amazon Cognito Identity ID for that user.
What is not really clear to me is how these permissions are enforced. The CloudFormation stack seems to be creating the related IAM policy resources, but I can't find them in the IAM Policies dashboard.
Moreover, can you please explain to me how this feature works or point me to the relevant documentation?
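
The three access levels quoted above can be read as prefix rules over the object key and the caller's Cognito Identity ID. The following is an added example, not part of the original issue and not Amplify's code: `decideAccess`, `evaluateSamples` and the identity IDs are hypothetical, and "accessible by all users" is modelled as read and write for any caller. It is a local model for reasoning about and testing the documented rules, not the enforcement mechanism itself.

```javascript
// Added example: a model of the documented Guest / Protected / Private rules.
// Names are hypothetical; this is not an Amplify API.
function decideAccess(key, action, callerIdentityId) {
  if (action !== 'read' && action !== 'write') {
    throw new Error(`unknown action: ${action}`);
  }
  // Compare whole path segments. A plain startsWith('private/' + id) check
  // would also match a different identity whose ID merely begins with `id`.
  const [level, ...rest] = key.split('/');
  if (rest.length === 0) return false;          // key has no level prefix

  if (level === 'public') return true;          // Guest: all users (assumed read + write)
  if (level !== 'protected' && level !== 'private') return false;

  if (rest.length < 2) return false;            // need {user_identity_id}/ and an object name
  const owner = rest[0];
  const isOwner =
    typeof callerIdentityId === 'string' &&
    callerIdentityId !== '' &&
    callerIdentityId === owner;

  // Protected: readable by all users, writable only by the creating user.
  if (level === 'protected') return action === 'read' || isOwner;
  // Private: only accessible for the individual user.
  return isOwner;
}

// Constructed identity IDs and keys, for illustration only.
const ALICE = 'us-east-1:aaaa1111';
const BOB = 'us-east-1:aaaa';                   // deliberately a prefix of ALICE

function evaluateSamples() {
  const cases = [
    ['public/logo.png', 'read', null],
    [`protected/${ALICE}/avatar.png`, 'read', BOB],
    [`protected/${ALICE}/avatar.png`, 'write', BOB],
    [`private/${ALICE}/notes.txt`, 'read', ALICE],
    [`private/${ALICE}/notes.txt`, 'read', BOB],
    [`private/${ALICE}/notes.txt`, 'read', null],
    ['other/file.txt', 'read', ALICE],
  ];
  return cases.map(([key, action, caller]) => decideAccess(key, action, caller));
}

console.log(evaluateSamples());
```
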