A policy governs resource access within an org to a set of principals. It enables fine-grained authorization rules to define the minimum amount of permissions required when accessing resources of the platform.
A policy consists of:
A policy can be configured to target all or specific resources within your org.
Specific resources can be assigned directly or dynamically (using a query).
A binding is a mapping between:
The set of permissions that can be assigned to a policy are unique to each resource.
Visit the policy reference page.