I was going through one of the supporting courses for AWS SAA – C02. I found in one of the lectures where it mentioned that we cannot give access through policies to an IAM group since it doesnt have a ARN. Does this mean that the users added to the group can still have access through the IAM policies/resource policies assigned to it and not the just group itself? I saw the trainer created an IAM group and assigned AWS managed policies to it and add an user to it. Can someone clarify on this?