IAM Access Analyzer policy generation and IAM action last accessed support - Amazon Identity and Access Management
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

IAM Access Analyzer policy generation and IAM action last accessed support

The following table lists the Amazon services for which IAM Access Analyzer generates policies with action-level information and the services that support IAM action last accessed information. For a list of actions in each service, see Actions, resources, and condition keys for Amazon services in the Service Authorization Reference.

Service Service prefix Policy generation action-level information Action last accessed information
Amazon IAM Access Analyzer access-analyzer Yes No
Amazon Account Management account Yes No
Amazon Managed Workflows for Apache Airflow airflow Yes No
Amazon MQ mq Yes No
Amazon Amplify amplify Yes No
Amazon Amplify UI Builder amplifyuibuilder Yes No
Amazon AppIntegrations app-integrations Yes No
Amazon AppFlow appflow Yes No
Amazon Application Cost Profiler Service application-cost-profiler Yes No
Amazon AppSync appsync Yes No
Amazon Managed Service for Prometheus aps Yes No
Amazon Athena athena Yes No
Amazon Marketplace aws-marketplace Yes No
Amazon Batch batch Yes No
Amazon Braket braket Yes No
Amazon Cloud9 cloud9 Yes No
Amazon CloudFormation cloudformation Yes No
Amazon CloudSearch cloudsearch Yes No
Amazon CloudTrail cloudtrail Yes No
Amazon CodeArtifact codeartifact Yes No
Amazon CodeGuru Profiler codeguru-profiler Yes No
Amazon CodeGuru Reviewer codeguru-reviewer Yes No
AWS CodeStar codestar Yes No
Amazon CodeStar Notifications codestar-notifications Yes No
Amazon Cognito Identity cognito-identity Yes No
Amazon Cognito User Pools cognito-idp Yes No
Amazon Cognito Sync cognito-sync Yes No
Amazon Compute Optimizer compute-optimizer Yes No
Amazon Connect connect Yes No
Amazon Cost and Usage Report cur Yes No
Amazon Glue DataBrew databrew Yes No
Amazon Web Services Data Exchange dataexchange Yes No
Amazon Data Pipeline datapipeline Yes No
DynamoDB Accelerator dax Yes No
Amazon Device Farm devicefarm Yes No
Amazon DevOps Guru devops-guru Yes No
Amazon Direct Connect directconnect Yes No
Amazon Data Lifecycle Manager dlm Yes No
Amazon Database Migration Service dms Yes No
Amazon Directory Service ds Yes No
Amazon DynamoDB dynamodb Yes No
Amazon Elastic Block Store ebs Yes No
Amazon Elastic Compute Cloud ec2 Yes Yes
Amazon Elastic Container Registry ecr Yes No
Amazon Elastic Container Registry Public ecr-public Yes No
Amazon Elastic Container Service ecs Yes No
Amazon Elastic Kubernetes Service eks Yes No
Amazon Elastic Inference elastic-inference Yes No
Amazon Elastic Beanstalk elasticbeanstalk Yes No
Amazon Elastic File System elasticfilesystem Yes No
Elastic Load Balancing elasticloadbalancing Yes No
Amazon Elastic Transcoder elastictranscoder Yes No
Amazon EMR on EKS (EMR Containers) emr-containers Yes No
Amazon OpenSearch Service es Yes No
Amazon CloudWatch Evidently evidently Yes No
Amazon FinSpace finspace Yes No
Amazon Kinesis Firehose firehose Yes No
Amazon Fault Injection Simulator fis Yes No
Amazon Firewall Manager fms Yes No
Amazon Location geo Yes No
Amazon Managed Grafana grafana Yes No
Amazon IoT Greengrass greengrass Yes No
Amazon Ground Station groundstation Yes No
Amazon GuardDuty guardduty Yes No
Amazon HealthLake healthlake Yes No
Amazon Identity and Access Management iam Yes Yes
Amazon Identity Store identitystore Yes No
EC2 Image Builder imagebuilder Yes No
Amazon Inspector Classic inspector Yes No
Amazon Inspector inspector2 Yes No
Amazon IoT Core Device Advisor iotdeviceadvisor Yes No
Amazon IoT Fleet Hub iotfleethub Yes No
Amazon IoT TwinMaker iottwinmaker Yes No
Amazon Interactive Video Service ivs Yes No
Amazon Managed Streaming for Apache Kafka kafka Yes No
Amazon Managed Streaming for Kafka Connect kafkaconnect Yes No
Amazon Kinesis kinesis Yes No
Amazon Key Management Service kms Yes No
Amazon Lambda lambda Yes Yes
Amazon Lightsail lightsail Yes No
Amazon CloudWatch Logs logs Yes No
Amazon Lookout for Equipment lookoutequipment Yes No
Amazon Lookout for Metrics lookoutmetrics Yes No
Amazon Lookout for Vision lookoutvision Yes No
Amazon Managed Blockchain managedblockchain Yes No
AWS Elemental MediaConnect mediaconnect Yes No
AWS Elemental MediaConvert mediaconvert Yes No
AWS Elemental MediaLive medialive Yes No
AWS Elemental MediaTailor mediatailor Yes No
Amazon MemoryDB for Redis memorydb Yes No
Amazon Application Migration Service mgn Yes No
Amazon Migration Hub mgh Yes No
Amazon Migration Hub Strategy Recommendations migrationhub-strategy Yes No
Amazon CloudWatch cloudwatch Yes No
Amazon Network Manager networkmanager Yes No
Amazon Nimble Studio nimble Yes No
Amazon OpsWorks opsworks Yes No
Amazon Outposts outposts Yes No
Amazon Panorama panorama Yes No
Amazon Performance Insights pi Yes No
Amazon Pinpoint mobiletargeting Yes No
Amazon Polly polly Yes No
Amazon Connect Customer Profiles profile Yes No
Amazon QLDB qldb Yes No
Amazon Resource Access Manager ram Yes No
Amazon Recycle Bin rbin Yes No
Amazon Relational Database Service rds Yes No
Amazon Redshift Data API redshift-data Yes No
Amazon Resource Groups resource-groups Yes No
Amazon Route 53 Recovery Controls route53-recovery-control-config Yes No
Amazon Route 53 Recovery Readiness route53-recovery-readiness Yes No
Amazon Route 53 Resolver route53resolver Yes No
Amazon CloudWatch RUM rum Yes No
Amazon S3 s3 Yes Yes
Amazon S3 on Outposts s3-outposts Yes No
Savings Plans savingsplans Yes No
Amazon EventBridge Schemas schemas Yes No
Amazon SimpleDB sdb Yes No
Amazon Secrets Manager secretsmanager Yes No
Amazon Security Hub securityhub Yes No
Amazon Cloud Map servicediscovery Yes No
Service Quotas servicequotas Yes No
Amazon Simple Email Service ses Yes No
Amazon Shield shield Yes No
Amazon Signer signer Yes No
Amazon Server Migration Service sms Yes No
Amazon Pinpoint SMS and Voice Service sms-voice Yes No
Amazon Snowball snowball Yes No
Amazon Simple Queue Service sqs Yes No
Amazon Systems Manager ssm Yes No
Amazon Systems Manager Incident Manager ssm-incidents Yes No
Amazon Security Token Service sts Yes No
Amazon Simple Workflow Service swf Yes No
Amazon CloudWatch Synthetics synthetics Yes No
Amazon Resource Group Tagging API tag Yes No
Amazon Textract textract Yes No
Amazon Timestream timestream Yes No
Amazon Transcribe transcribe Yes No
Amazon Translate translate Yes No
Amazon Well-Architected Tool wellarchitected Yes No
Amazon Connect Wisdom wisdom Yes No
Amazon WorkLink worklink Yes No