Skip to content

Policy: AccessAnalyzerServiceRolePolicy

ARN: arn:aws:iam::aws:policy/aws-service-role/AccessAnalyzerServiceRolePolicy

Allowed Actions

Actions Services
dynamodb:GetResourcePolicy dynamodb
dynamodb:ListStreams dynamodb
dynamodb:ListTables dynamodb
ec2:DescribeAddresses ec2
ec2:DescribeByoipCidrs ec2
ec2:DescribeSnapshotAttribute ec2
ec2:DescribeSnapshots ec2
ec2:DescribeVpcEndpoints ec2
ec2:DescribeVpcs ec2
ec2:GetSnapshotBlockPublicAccessState ec2
ecr:DescribeRepositories ecr
ecr:GetAccountSetting ecr
ecr:GetRegistryPolicy ecr
ecr:GetRepositoryPolicy ecr
elasticfilesystem:DescribeFileSystemPolicy elasticfilesystem
elasticfilesystem:DescribeFileSystems elasticfilesystem
iam:GenerateServiceLastAccessedDetails iam
iam:GetAccessKeyLastUsed iam
iam:GetGroup iam
iam:GetLoginProfile iam
iam:GetPolicy iam
iam:GetPolicyVersion iam
iam:GetRole iam
iam:GetRolePolicy iam
iam:GetServiceLastAccessedDetails iam
iam:GetUser iam
iam:GetUserPolicy iam
iam:ListAccessKeys iam
iam:ListAttachedRolePolicies iam
iam:ListAttachedUserPolicies iam
iam:ListEntitiesForPolicy iam
iam:ListGroupsForUser iam
iam:ListRolePolicies iam
iam:ListRoleTags iam
iam:ListRoles iam
iam:ListUserPolicies iam
iam:ListUserTags iam
iam:ListUsers iam
kms:DescribeKey kms
kms:GetKeyPolicy kms
kms:ListGrants kms
kms:ListKeyPolicies kms
kms:ListKeys kms
lambda:GetFunctionUrlConfig lambda
lambda:GetLayerVersionPolicy lambda
lambda:GetPolicy lambda
lambda:ListAliases lambda
lambda:ListFunctions lambda
lambda:ListLayerVersions lambda
lambda:ListLayers lambda
lambda:ListVersionsByFunction lambda
organizations:DescribeAccount organizations
organizations:DescribeOrganization organizations
organizations:DescribeOrganizationalUnit organizations
organizations:ListAWSServiceAccessForOrganization organizations
organizations:ListAccounts organizations
organizations:ListAccountsForParent organizations
organizations:ListChildren organizations
organizations:ListDelegatedAdministrators organizations
organizations:ListOrganizationalUnitsForParent organizations
organizations:ListParents organizations
organizations:ListRoots organizations
rds:DescribeDBClusterSnapshotAttributes rds
rds:DescribeDBClusterSnapshots rds
rds:DescribeDBSnapshotAttributes rds
rds:DescribeDBSnapshots rds
s3:DescribeMultiRegionAccessPointOperation s3
s3:GetAccessPoint s3
s3:GetAccessPointPolicy s3
s3:GetAccessPointPolicyStatus s3
s3:GetAccountPublicAccessBlock s3
s3:GetBucketAcl s3
s3:GetBucketLocation s3
s3:GetBucketPolicy s3
s3:GetBucketPolicyStatus s3
s3:GetBucketPublicAccessBlock s3
s3:GetMultiRegionAccessPoint s3
s3:GetMultiRegionAccessPointPolicy s3
s3:GetMultiRegionAccessPointPolicyStatus s3
s3:ListAccessPoints s3
s3:ListAllMyBuckets s3
s3:ListMultiRegionAccessPoints s3
s3express:GetAccessPoint s3express
s3express:GetAccessPointPolicy s3express
s3express:GetBucketPolicy s3express
s3express:ListAccessPointsForDirectoryBuckets s3express
s3express:ListAllMyDirectoryBuckets s3express
secretsmanager:DescribeSecret secretsmanager
secretsmanager:GetResourcePolicy secretsmanager
secretsmanager:ListSecrets secretsmanager
sns:GetTopicAttributes sns
sns:ListTopics sns
sqs:GetQueueAttributes sqs
sqs:ListQueues sqs