IAM Access Analyzer policy generation services - Amazon Identity and Access Management
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

IAM Access Analyzer policy generation services

The following table lists the Amazon services for which IAM Access Analyzer generates policies with action-level information. For a list of actions in each service, see Actions, resources, and condition keys for Amazon services in the Service Authorization Reference.

Service Service prefix
Amazon Identity and Access Management Access Analyzer access-analyzer
Amazon Account Management account
Amazon Certificate Manager acm
Amazon Managed Workflows for Apache Airflow airflow
Amazon Amplify amplify
Amazon Amplify UI Builder amplifyuibuilder
Amazon AppIntegrations app-integrations
Amazon AppConfig appconfig
Amazon AppFlow appflow
Amazon Application Cost Profiler application-cost-profiler
Amazon CloudWatch Application Insights applicationinsights
Amazon App Mesh appmesh
Amazon AppStream 2.0 appstream
Amazon AppSync appsync
Amazon Managed Service for Prometheus aps
Amazon Athena athena
Amazon Audit Manager auditmanager
Amazon Auto Scaling autoscaling
Amazon Web Services Marketplace aws-marketplace
Amazon Backup backup
Amazon Batch batch
Amazon Braket braket
Amazon Budgets budgets
Amazon Cloud9 cloud9
Amazon CloudFormation cloudformation
Amazon CloudFront cloudfront
Amazon CloudHSM cloudhsm
Amazon CloudSearch cloudsearch
Amazon CloudTrail cloudtrail
Amazon CloudWatch cloudwatch
Amazon CodeArtifact codeartifact
Amazon CodeDeploy codedeploy
Amazon CodeGuru Profiler codeguru-profiler
Amazon CodeGuru Reviewer codeguru-reviewer
Amazon CodePipeline codepipeline
AWS CodeStar codestar
AWS CodeStar Notifications codestar-notifications
Amazon Cognito Identity cognito-identity
Amazon Cognito user pools cognito-idp
Amazon Cognito Sync cognito-sync
Amazon Comprehend Medical comprehendmedical
Amazon Compute Optimizer compute-optimizer
Amazon Config config
Amazon Connect connect
Amazon Cost and Usage Report cur
Amazon Glue DataBrew databrew
Amazon Web Services Data Exchange dataexchange
Amazon Data Pipeline datapipeline
DynamoDB Accelerator dax
Amazon Device Farm devicefarm
Amazon DevOps Guru devops-guru
Amazon Direct Connect directconnect
Amazon Data Lifecycle Manager dlm
Amazon Database Migration Service dms
Amazon DocumentDB Elastic Clusters docdb-elastic
Amazon Directory Service ds
Amazon DynamoDB dynamodb
Amazon Elastic Block Store ebs
Amazon Elastic Compute Cloud ec2
Amazon Elastic Container Registry ecr
Amazon Elastic Container Registry Public ecr-public
Amazon Elastic Container Service ecs
Amazon Elastic Kubernetes Service eks
Amazon Elastic Inference elastic-inference
Amazon ElastiCache elasticache
Amazon Elastic Beanstalk elasticbeanstalk
Amazon Elastic File System elasticfilesystem
Elastic Load Balancing elasticloadbalancing
Amazon Elastic Transcoder elastictranscoder
Amazon EMR on EKS (EMR Containers) emr-containers
Amazon EMR Serverless emr-serverless
Amazon OpenSearch Service es
Amazon EventBridge events
Amazon CloudWatch Evidently evidently
Amazon FinSpace finspace
Amazon Data Firehose firehose
Amazon Fault Injection Service fis
Amazon Firewall Manager fms
Amazon Fraud Detector frauddetector
Amazon FSx fsx
Amazon GameLift gamelift
Amazon Location Service geo
Amazon S3 Glacier glacier
Amazon Managed Grafana grafana
Amazon IoT Greengrass greengrass
Amazon Ground Station groundstation
Amazon GuardDuty guardduty
Amazon HealthLake healthlake
Amazon Honeycode honeycode
Amazon Identity and Access Management iam
Amazon Identity Store identitystore
EC2 Image Builder imagebuilder
Amazon Inspector Classic inspector
Amazon Inspector inspector2
Amazon IoT iot
Amazon IoT Analytics iotanalytics
Amazon IoT Core Device Advisor iotdeviceadvisor
Amazon IoT Events iotevents
Amazon IoT Fleet Hub iotfleethub
Amazon IoT SiteWise iotsitewise
Amazon IoT TwinMaker iottwinmaker
Amazon IoT Wireless iotwireless
Amazon Interactive Video Service ivs
Amazon Interactive Video Service Chat ivschat
Amazon Managed Streaming for Apache Kafka kafka
Amazon Managed Streaming for Kafka Connect kafkaconnect
Amazon Kendra kendra
Amazon Kinesis kinesis
Amazon Kinesis Analytics V2 kinesisanalytics
Amazon Key Management Service kms
Amazon Lambda lambda
Amazon Lex lex
Amazon License Manager Linux Subscriptions Manager license-manager-linux-subscriptions
Amazon Lightsail lightsail
Amazon CloudWatch Logs logs
Amazon Lookout for Equipment lookoutequipment
Amazon Lookout for Metrics lookoutmetrics
Amazon Lookout for Vision lookoutvision
Amazon Mainframe Modernization m2
Amazon Managed Blockchain managedblockchain
AWS Elemental MediaConnect mediaconnect
AWS Elemental MediaConvert mediaconvert
AWS Elemental MediaLive medialive
AWS Elemental MediaStore mediastore
AWS Elemental MediaTailor mediatailor
Amazon MemoryDB for Redis memorydb
Amazon Application Migration Service mgn
Amazon Migration Hub mgh
Amazon Migration Hub Strategy Recommendations migrationhub-strategy
Amazon Pinpoint mobiletargeting
Amazon MQ mq
Amazon Network Manager networkmanager
Amazon Nimble Studio nimble
Amazon HealthOmics omics
Amazon OpsWorks opsworks
Amazon OpsWorks CM opsworks-cm
Amazon Outposts outposts
Amazon Organizations organizations
Amazon Panorama panorama
Amazon Performance Insights pi
Amazon EventBridge Pipes pipes
Amazon Polly polly
Amazon Connect Customer Profiles profile
Amazon QLDB qldb
Amazon Resource Access Manager ram
Amazon Recycle Bin rbin
Amazon Relational Database Service rds
Amazon Redshift redshift
Amazon Redshift Data API redshift-data
Amazon Migration Hub Refactor Spaces refactor-spaces
Amazon Rekognition rekognition
Amazon Resilience Hub resiliencehub
Amazon Resource Explorer resource-explorer-2
Amazon Resource Groups resource-groups
Amazon RoboMaker robomaker
Amazon Identity and Access Management Roles Anywhere rolesanywhere
Amazon Route 53 route53
Amazon Route 53 Recovery Controls route53-recovery-control-config
Amazon Route 53 Recovery Readiness route53-recovery-readiness
Amazon Route 53 Resolver route53resolver
Amazon CloudWatch RUM rum
Amazon Simple Storage Service s3
Amazon S3 on Outposts s3-outposts
Amazon SageMaker geospatial capabilities sagemaker-geospatial
Savings Plans savingsplans
Amazon EventBridge Schemas schemas
Amazon SimpleDB sdb
Amazon Secrets Manager secretsmanager
Amazon Security Hub securityhub
Amazon Security Lake securitylake
Amazon Serverless Application Repository serverlessrepo
Amazon Service Catalog servicecatalog
Amazon Cloud Map servicediscovery
Service Quotas servicequotas
Amazon Simple Email Service ses
Amazon Shield shield
Amazon Signer signer
Amazon SimSpace Weaver simspaceweaver
Amazon Server Migration Service sms
Amazon Pinpoint SMS and Voice Service sms-voice
Amazon Snowball snowball
Amazon Simple Queue Service sqs
Amazon Systems Manager ssm
Amazon Systems Manager Incident Manager ssm-incidents
Amazon Systems Manager for SAP ssm-sap
Amazon Step Functions states
Amazon Security Token Service sts
Amazon Simple Workflow Service swf
Amazon CloudWatch Synthetics synthetics
Amazon Resource Groups Tagging API tag
Amazon Textract textract
Amazon Timestream timestream
Amazon Telco Network Builder tnb
Amazon Transcribe transcribe
Amazon Transfer Family transfer
Amazon Translate translate
Amazon Connect Voice ID voiceid
Amazon VPC Lattice vpc-lattice
Amazon WAFV2 wafv2
Amazon Well-Architected Tool wellarchitected
Amazon Connect Wisdom wisdom
Amazon WorkLink worklink
Amazon WorkSpaces workspaces
Amazon X-Ray xray