IAM Access Analyzer policy generation services

The following table lists the Amazon services for which IAM Access Analyzer generates policies with action-level information. For a list of actions in each service, see Actions, resources, and condition keys for Amazon services in the Service Authorization Reference.

Service	Service prefix
Amazon Identity and Access Management Access Analyzer	access-analyzer
Amazon Account Management	account
Amazon Managed Workflows for Apache Airflow	airflow
Amazon MQ	mq
Amazon Amplify	amplify
Amazon Amplify UI Builder	amplifyuibuilder
Amazon AppIntegrations	app-integrations
Amazon AppFlow	appflow
Amazon Application Cost Profiler	application-cost-profiler
Amazon AppSync	appsync
Amazon Managed Service for Prometheus	aps
Amazon Athena	athena
Amazon Web Services Marketplace	aws-marketplace
Amazon Batch	batch
Amazon Braket	braket
Amazon Cloud9	cloud9
Amazon CloudFormation	cloudformation
Amazon CloudSearch	cloudsearch
Amazon CloudTrail	cloudtrail
Amazon CloudWatch	cloudwatch
Amazon CodeArtifact	codeartifact
Amazon CodeGuru Profiler	codeguru-profiler
Amazon CodeGuru Reviewer	codeguru-reviewer
AWS CodeStar	codestar
AWS CodeStar Notifications	codestar-notifications
Amazon Cognito Identity	cognito-identity
Amazon Cognito user pools	cognito-idp
Amazon Cognito Sync	cognito-sync
Amazon Compute Optimizer	compute-optimizer
Amazon Connect	connect
Amazon Cost and Usage Report	cur
Amazon Glue DataBrew	databrew
Amazon Web Services Data Exchange	dataexchange
Amazon Data Pipeline	datapipeline
DynamoDB Accelerator	dax
Amazon Device Farm	devicefarm
Amazon DevOps Guru	devops-guru
Amazon Direct Connect	directconnect
Amazon Data Lifecycle Manager	dlm
Amazon Database Migration Service	dms
Amazon Directory Service	ds
Amazon DynamoDB	dynamodb
Amazon Elastic Block Store	ebs
Amazon Elastic Compute Cloud	ec2
Amazon Elastic Container Registry	ecr
Amazon Elastic Container Registry Public	ecr-public
Amazon Elastic Container Service	ecs
Amazon Elastic Kubernetes Service	eks
Amazon Elastic Inference	elastic-inference
Amazon Elastic Beanstalk	elasticbeanstalk
Amazon Elastic File System	elasticfilesystem
Elastic Load Balancing	elasticloadbalancing
Amazon Elastic Transcoder	elastictranscoder
Amazon EMR on EKS (EMR Containers)	emr-containers
Amazon OpenSearch Service	es
Amazon CloudWatch Evidently	evidently
Amazon FinSpace	finspace
Amazon Kinesis Data Firehose	firehose
Amazon Fault Injection Simulator	fis
Amazon Firewall Manager	fms
Amazon Location Service	geo
Amazon Managed Grafana	grafana
Amazon IoT Greengrass	greengrass
Amazon Ground Station	groundstation
Amazon GuardDuty	guardduty
Amazon HealthLake	healthlake
Amazon Identity and Access Management	iam
Amazon Identity Store	identitystore
EC2 Image Builder	imagebuilder
Amazon Inspector Classic	inspector
Amazon Inspector	inspector2
Amazon IoT Core Device Advisor	iotdeviceadvisor
Amazon IoT Fleet Hub	iotfleethub
Amazon IoT TwinMaker	iottwinmaker
Amazon Interactive Video Service	ivs
Amazon Managed Streaming for Apache Kafka	kafka
Amazon Managed Streaming for Kafka Connect	kafkaconnect
Amazon Kinesis	kinesis
Amazon Key Management Service	kms
Amazon Lambda	lambda
Amazon Lightsail	lightsail
Amazon CloudWatch Logs	logs
Amazon Lookout for Equipment	lookoutequipment
Amazon Lookout for Metrics	lookoutmetrics
Amazon Lookout for Vision	lookoutvision
Amazon Managed Blockchain	managedblockchain
AWS Elemental MediaConnect	mediaconnect
AWS Elemental MediaConvert	mediaconvert
AWS Elemental MediaLive	medialive
AWS Elemental MediaTailor	mediatailor
Amazon MemoryDB for Redis	memorydb
Amazon Application Migration Service	mgn
Amazon Migration Hub	mgh
Amazon Migration Hub Strategy Recommendations	migrationhub-strategy
Amazon Pinpoint	mobiletargeting
Amazon Network Manager	networkmanager
Amazon Nimble Studio	nimble
Amazon OpsWorks	opsworks
Amazon Outposts	outposts
Amazon Panorama	panorama
Amazon Performance Insights	pi
Amazon Polly	polly
Amazon Connect Customer Profiles	profile
Amazon QLDB	qldb
Amazon Resource Access Manager	ram
Amazon Recycle Bin	rbin
Amazon Relational Database Service	rds
Amazon Redshift Data API	redshift-data
Amazon Resource Groups	resource-groups
Amazon Route 53 Recovery Controls	route53-recovery-control-config
Amazon Route 53 Recovery Readiness	route53-recovery-readiness
Amazon Route 53 Resolver	route53resolver
Amazon CloudWatch RUM	rum
Amazon Simple Storage Service	s3
Amazon S3 on Outposts	s3-outposts
Savings Plans	savingsplans
Amazon EventBridge Schemas	schemas
Amazon SimpleDB	sdb
Amazon Secrets Manager	secretsmanager
Amazon Security Hub	securityhub
Amazon Cloud Map	servicediscovery
Service Quotas	servicequotas
Amazon Simple Email Service	ses
Amazon Shield	shield
Amazon Signer	signer
Amazon Server Migration Service	sms
Amazon Pinpoint SMS and Voice Service	sms-voice
Amazon Snowball	snowball
Amazon Simple Queue Service	sqs
Amazon Systems Manager	ssm
Amazon Systems Manager Incident Manager	ssm-incidents
Amazon Security Token Service	sts
Amazon Simple Workflow Service	swf
Amazon CloudWatch Synthetics	synthetics
Amazon Resource Groups Tagging API	tag
Amazon Textract	textract
Amazon Timestream	timestream
Amazon Transcribe	transcribe
Amazon Translate	translate
Amazon Well-Architected Tool	wellarchitected
Amazon Connect Wisdom	wisdom
Amazon WorkLink	worklink

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

IAM Access Analyzer policy generation

IAM Access Analyzer quotas