You can get very granular with your IAM conditions, they can range from the IP of your source, Whether MFA is enabled, the region the request is made in, etc. For example, you can only allow users to access EC2 if MFA is enabled and they are in US-EAST1. You have a lot to work with when editing the conditions of your IAM policies.
Today’s post was a short and sweet one, but if you are interested in reading more about the range of IAM conditions you can set please check out the following!
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html