In Overview of AWS IAM Permissions - AWS Identity and Access Management, they introduce identity-based and resource-based permissions:
Permissions can be assigned in two ways: as identity-based or as resource-based.
They also introduce the concept of resource-level permissions.
There’s a difference between resource-based permissions and resource-level permissions. Resource-based permissions are permissions you can attach directly to a resource, as described in this topic. Resource-level permissions refers to the ability to specify not just what actions users can perform, but which resources they’re allowed to perform those actions on.
Resource-based permissions are being looked at to secure S3 and KMS, but not all services support these inline policies.
Resource-based permissions are supported only by some AWS services. For a list of which services support resource-level permissions, see AWS Services That Work with IAM.
There is also the concept of tag-based permissions for those services that support testing resource tags in a
Condition element. However, in the list linked above, hardly any of the services support this.