Access Analyzer

Take a look at an AWS service that can help us analyze the scope of access in our account.

AWS Access Analyzer is an IAM tool that analyzes the policies in our AWS account. This analysis helps us do the following:

  • Identify our AWS resources that are accessible outside of the account

  • Identify inactive access in our account

  • Find syntax issues in our policies

  • Make sure that our policies follow security best practices

  • Generate an IAM policy based on a user's access activity in the AWS CloudTrail logs
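To make the first item concrete, the following added example (not part of the original lesson and not how the service itself evaluates policies) applies a simplified heuristic to a resource policy and reports statements that grant access outside the account. The account IDs, bucket name, function names and finding labels are constructed for illustration.

```python
import json

ACCOUNT_ID = "111122223333"  # constructed sample account ID (the zone of trust)

# Constructed sample S3 bucket policy: internal, cross-account and public statements.
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "Internal", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111122223333:role/app"},
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Sid": "Partner", "Effect": "Allow",
         "Principal": {"AWS": ["444455556666"]},
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Sid": "Public", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    ],
})

def as_list(value):
    return value if isinstance(value, list) else [value]

def principal_account(principal):
    """Account ID from an IAM ARN or a bare 12-digit ID; None if neither."""
    if principal.startswith("arn:"):
        parts = principal.split(":")
        return parts[4] if len(parts) > 4 and parts[4] else None
    return principal if len(principal) == 12 and principal.isdigit() else None

def external_access(policy_json, account_id):
    """Return (sid, principal, kind) for Allow statements reaching outside account_id."""
    findings = []
    for i, stmt in enumerate(as_list(json.loads(policy_json)["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"statement-{i}")
        principal = stmt.get("Principal", {})
        # Only "*" and AWS principals are handled; Service/Federated are out of scope.
        aws = ["*"] if principal == "*" else as_list(principal.get("AWS", []))
        for p in aws:
            if p == "*":
                # A Condition may narrow a wildcard, so mark it for review instead.
                kind = "public-conditional" if stmt.get("Condition") else "public"
            elif principal_account(p) != account_id:
                kind = "cross-account"
            else:
                continue
            findings.append((sid, p, kind))
    return findings
```

Calling `external_access(SAMPLE_POLICY, ACCOUNT_ID)` reports the `Partner` and `Public` statements and skips `Internal`, because its principal belongs to the same account.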


Access Analyzer is a regional service that needs to be enabled in the desired region.

AWS Access Analyzer workflow

AWS Access Analyzer works by continuously monitoring the resource policies within our AWS environment to identify potential security risks and compliance violations. It ...