AWS IAM Access Analyzer Resources
Documentation
IAM Access Analyzer User Guide
Learn how to set up and use IAM Access Analyzer, use findings for external and unused access, run policy checks, and generate new or updated policies.
IAM Access Analyzer API Reference Guide
Describes all the API operations for IAM Access Analyzer in detail.
Workshops and sample code
Workshop: Refining IAM Permissions Like a Pro
Learn how to use IAM Access Analyzer to detect unused IAM permissions and how to update them to move safely toward a least-privilege environment. Discover relevant features of last-accessed information, and use automation to continuously analyze unused access.
Workshop: Integrating IAM Access Analyzer in a CI/CD Pipeline
In this hands-on workshop, you build a CI/CD pipeline that validates IAM policies using IAM Access Analyzer and the IAM Policy Validator for AWS CloudFormation.
AWS Samples on GitHub: IAM Access Analyzer policy validation
This repository contains sample code used to demo the AWS IAM Access Analyzer APIs and how you can use them to automate your policy validation workflows.
AWS Samples on GitHub: IAM Access Analyzer custom policy checks
This repository contains a collection of sample reference policies that can be used with IAM Access Analyzer custom policy checks and the new CheckNoNewAccess API. The CheckNoNewAccess API checks an existing policy against a new policy and returns PASS if no new access is detected in the new policy and FAIL if new access is detected.