Posted On: Oct 15, 2020
Amazon Identity and Access Management (IAM) Access Analyzer now supports archive rules that allow you to retroactively mark existing findings as intended. Archive rules automatically archive new findings for public and cross-account access that meet the criteria you define. Now, you can apply the rules retroactively to mark existing findings as intended. For example, you can create a rule to archive all findings for a specific S3 bucket that you regularly grant read access to. This lets you focus on remediating findings that help you reduce broad access.
IAM Access Analyzer is available in the IAM console and through APIs in the Amazon Web Services China (Beijing) region, operated by Sinnet and the Amazon Web Services China (Ningxia) region, operated by NWCD.
To learn more about IAM Access Analyzer, visit the IAM Documentation.