Posted On: Oct 15, 2020

AWS Identity and Access Management (IAM) Access Analyzer now supports archive rules that allow you to retroactively mark existing findings as intended. Archive rules automatically archive new findings for public and cross-account access that meet the criteria you define. Now, you can apply the rules retroactively to mark existing findings as intended. For example, you can create a rule to archive all findings for a specific S3 bucket that you regularly grant read access to. This lets you focus on remediating findings that help you reduce broad access.  

IAM Access Analyzer is available at no additional cost in the IAM console and through APIs in all commercial AWS Regions, AWS China regions and AWS GovCloud (US). To learn more about IAM Access Analyzer and which resources it supports, see the feature page.