{"id":"iam-policy-evaluation-deny-order","text":"IAM policy evaluation order: explicit deny overrides all > SCP/RCP/permissions boundary/session policy implicit deny > explicit allow in identity-based or resource-based policy > default deny (all requests start denied).","truth_value":"IN","source":"entries/2026/03/11/IAM-latest-UserGuide-intro-structurehtml.md","source_url":"","source_hash":"6e5f0d475349cf35","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"iam-policy-evaluation-deny-order","truth_value":"IN","reason":"premise"}]}}