Comment by arcfour

I've always found AWS IAM quite simple, but then again it is my job, so I might be biased. I haven't really dug into GCP well enough to understand it, but I did find it quite daunting to start the few times I messed with it. What's complex about it to you?

For personal projects, honestly, the built in roles AWS provides are okay enough for some semblance of least privilege x functionality IMO.

Plus, most of AWS's documentation tells you the specific policy JSON to use if you need to do XYZ thing, just fill in the blanks.