Over the four days of Week 2, we built four pillars of IAM. Day 1''s policy evaluation logic (six layers and intersection, explicit deny priority), Day 2''s Permission Boundary (ceiling on individual permissions and safe delegation), Day 3''s SCP (guardrails for the entire account), Day 4''s federation and ABAC (temporary credentials and tag-based scaling). Today, we see how these four are not isolated knowledge but one governance machine interlocking.
The real difficulty on the Specialty exam isn''t "what is SCP" but "in an environment with SCP, Boundary, IAM, and Resource policies all applied, why is this request blocked?" Tracking that is the real skill