Posted On: Oct 26, 2022

Amazon Identity and Access Management (IAM) Access Analyzer now helps you identify additional resources that can be accessed publicly or from other accounts or organizations. This includes Amazon SNS Topics, Amazon EBS Volume snapshots, Amazon RDS DB snapshots, Amazon RDS DB Cluster snapshots, Amazon ECR repositories, and Amazon EFS file systems. IAM Access Analyzer now analyzes resource policies, access control lists (ACLs), and access controls for these resources to make it easier to identify unintended public, cross-account, or cross-organization access. This helps you adhere to the security best practice of least privilege and reduce access to more of your resources.

IAM Access Analyzer also enables you to validate public and cross-account access before deploying permissions changes. Now, you can use IAM Access Analyzer APIs to preview access to these additional resources. This helps you validate access to more resources before deploying permissions changes.

IAM Access Analyzer is available in the IAM console and through APIs in the Amazon Web Services China (Beijing) Region, operated by Sinnet and the Amazon Web Services China (Ningxia) Region, operated by NWCD.

To learn more about IAM Access Analyzer, visit the IAM Documentation.