Limiting user access to edit AWS IAM policies will help maintain a strong security posture, reducing the risk of unauthorized access to a cloud account. By limiting access based on the principle of least privilege, a company can adhere to regulatory compliance requirements, prevent accidental exposure or destruction of data, and align with industry best practices.
In AWS Console -
In Terraform -
References:
https://docs.aws.amazon.com/IAM/latest/UserGuide/service_code_examples_iam.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy