How often can IAM policies be evaluated against AWS resources?

IAM policies are evaluated every time a request is made to access an AWS resource. This dynamic evaluation process ensures that permission checks are performed continuously, reflecting any changes made to policies or resource statuses in real time.

By evaluating IAM policies with each request, AWS can enforce up-to-date security measures, ensuring only authorized users have access to the resources based on the current permissions defined in the policies. This process is crucial because it allows for immediate implementation of any modifications to the IAM policies, thereby enhancing security and compliance.

Other options mention specific timing or conditions for evaluation that do not reflect how IAM policies truly function, such as being evaluated only at the creation of a resource or on a set schedule. This illustrates the flexibility and immediacy of IAM policy evaluations in response to ongoing requests within AWS.