# Policy condition keys for WorkSpaces Secure Browser **Supports service-specific policy condition keys:** Yes Administrators can use AWS JSON policies to specify who has access to what. That is, which **principal** can perform **actions** on what **resources**, and under what **conditions**. The `Condition` element specifies when statements execute based on defined criteria. You can create conditional expressions that use [condition operators](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html), such as equals or less than, to match the condition in the policy with values in the request. To see all AWS global condition keys, see [AWS global condition context keys](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html) in the *IAM User Guide*. To see a list of WorkSpaces Secure Browser condition keys, see [Condition keys for Amazon WorkSpaces Secure Browser](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworkspacesweb.html#amazonworkspacesweb-policy-keys) in the *Service Authorization Reference*. To learn with which actions and resources you can use a condition key, see [Actions defined by Amazon WorkSpaces Secure Browser](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonworkspacesweb.html#amazonworkspacesweb-actions-as-permissions). To view examples of WorkSpaces Secure Browser identity-based policies, see [Identity-based policy examples for Amazon WorkSpaces Secure Browser](security_iam_id-based-policy-examples.md).