You can create public authorization policies, which are policies that apply to everyone, by leaving the Condition section empty. In the Action section, you specify either to deny or to permit access to the resource. Then you assign the policy to the protected resource.