tigrisdata · JigarJoshi · Feb 21, 2025 · Feb 6, 2025 · Feb 19, 2025
diff --git a/docs/iam/iam-policy-support.md b/docs/iam/iam-policy-support.md
@@ -0,0 +1,21 @@
+# Tigris IAM Policy Support
+
+An IAM (Identity and Access Management) policy is a set of rules that define
+permissions, specifying what actions can be performed on specific resources
+optionally with some conditions. IAM policy is very broad and in context of
+Tigris we support the following blocks:
+
+| Block               | Supported | Description                                                                                                                                                                                 |
+| ------------------- | --------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| Version             | Yes       | Specifies the version of the policy language. The supported version is `2012-10-17`                                                                                                         |
+| Id                  | Yes       | An optional identifier of the policy.                                                                                                                                                       |
+| Statement           | Yes       | An array of one or more statements that define the permissions.                                                                                                                             |
+| statement.sid_block | Yes       | An optional identifier for the statement.                                                                                                                                                   |
+| statement.effect    | Yes       | Specifies whether the action is allowed or denied.                                                                                                                                          |
+| statement.action    | Yes       | Specifies the action that is allowed. Note that here Tigris supports format `s3:MethodName`, For example: `s3:PutBucket`. Tigris supports wildcard (`*`) and prefixes (eg: `s3:Put*`) here. |
+| statement.resource  | Yes       | Specifies the Amazon Resource Name (ARN) of the resource to which the policy applies. Tigris supports wildcard (`*`) and prefixes for object (eg: `arn:aws:s3:::my-bucket/images/*`).       |
+| statement.condition | Partially | Tigris supports `IpAddress`, `NotIpAddress`, `DateEquals`, `DateNotEquals`, `DateGreaterThan`, `DateGreaterThanEquals`, `DateLessThan`, `DateLessThanEquals` condition.                     |
+
+Note that for date-time conditions - only supported variable is
+`aws:CurrentTime` which represents the current time when server is processing
+the request.
diff --git a/docs/iam/index.md b/docs/iam/index.md
@@ -36,6 +36,13 @@ you'll need to attach IAM policies to the new access key.
 Let's create an IAM policy and attach it to an access key. Here's an example IAM
 policy. You'll need to save it as a `.json` file.
 
+:::note
+
+Refer [here](./iam-policy-support.md) for more information on what blocks of IAM
+policies are supported by Tigris.
+
+:::
+
 ```
 nano file:///path/to/policy.json
 

diff --git a/sidebars.js b/sidebars.js
@@ -88,6 +88,7 @@ const sidebars = {
       label: "IAM",
       items: [
         "iam/index",
+        "iam/iam-policy-support",
         "iam/create-access-key/index",
         "iam/limited-access-key",
         "iam/ip-restrictions",