AWS Identity and Access Management (IAM) now enables simplified permissions management by allowing you to use a single IAM policy condition across all AWS services to control access to specific regions. By adding the new global condition key ‘aws:RequestedRegion’ in the condition element of your IAM policy, you can control access to the regions in which an IAM principal (user or role) can perform AWS actions.