37 actions in the access-analyzer service. Select an action to see its access level, resource ARNs, condition keys, and a copy-paste IAM policy.
Grants permission to apply an archive rule
Grants permission to cancel a policy generation
Grants permission to check that specified access is not allowed by a policy
Grants permission to check that no new access is allowed when compared to an existing policy
Grants permission to check that public access is not allowed by a resource policy
Grants permission to create an access preview for the specified analyzer
Grants permission to create an analyzer
Grants permission to create an archive rule for the specified analyzer
Grants permission to create a service-linked analyzer
Grants permission to delete the specified analyzer
Grants permission to delete archive rules for the specified analyzer
Grants permission to delete the specified service-linked analyzer
Grants permission to generate recommendation steps to resolve a finding
Grants permission to retrieve information about an access preview
Grants permission to retrieve information about an analyzed resource
Grants permission to retrieve information about analyzers
Grants permission to retrieve information about archive rules for the specified analyzer
Grants permission to retrieve findings
Grants permission to retrieve recommendation steps to resolve a finding
Grants permission to retrieve statistics for findings
Grants permission to retrieve a policy that was generated using StartPolicyGeneration
Grants permission to retrieve a list of findings from an access preview
Grants permission to retrieve a list of access previews
Grants permission to retrieve a list of resources that have been analyzed
Grants permission to retrieves a list of analyzers
Grants permission to retrieve a list of archive rules from an analyzer
Grants permission to retrieve a list of findings from an analyzer
Grants permission to list all the recently started policy generations
Grants permission to retrieve a list of tags applied to a resource
Grants permission to start a policy generation
Grants permission to start a scan of the policies applied to a resource
Grants permission to add a tag to a resource
Grants permission to remove a tag from a resource
Grants permission to modify an analyzer's configuration
Grants permission to modify an archive rule
Grants permission to modify findings
Grants permission to validate a policy