Learn how to set up and use IAM Access Analyzer, use findings for external and unused access, run policy checks, and generate new or updated policies.

Describes all the API operations for IAM Access Analyzer in detail.

Learn how to use IAM Access Analyzer to detect unused IAM permissions and ways you can update them to safely move toward a least privilege environment. Discover relevant features of last-accessed information, and use automation to continuously analyze unused access.

In this workshop, you automate the validation and analysis of AWS IAM policies by using GitHub Actions and IAM Access Analyzer. Policy validation and analysis minimizes deployment of unwanted IAM policies.

This repository contains sample code used to demo the AWS IAM Access Analyzer APIs and how you can use them to automate your policy validation workflows.

This repository contains a collection of sample reference policies that can be used with IAM Access Analyzer custom policy checks and the new CheckNoNewAccess API. The CheckNoNewAccess API checks an existing policy against a new policy and returns PASS if no new access is detected in the new policy and FAIL if new access is detected in the new policy.

In this hands-on workshop, you are given the opportunity to build a CI/CD pipeline that validates IAM policies using IAM Access Analyzer and the IAM Policy Validator for AWS CloudFormation.