- RCPs acts as Guardrail to access of resources in your AWS organization
- It doesn’t allow any, by itself, like SCPs, You’ll need to attach IAM resources
- All access resources that aren’t explicitly allowed will not be allowed even IAM policies allows it
- Useful when you start working on