Manage an IAM Access Analyzer external access analyzer - AWS Identity and Access Management

Manage an IAM Access Analyzer external access analyzer

To enable an external access analyzer in a Region, you must create an analyzer in that Region. You must create an external access analyzer in each Region in which you want to monitor access to your resources.

Note

After you create or update an analyzer, it can take time for findings to be available.
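Because external access analyzers are Regional, a Region with no analyzer, or with one that is not active, produces no findings. The following is an added example, not part of the AWS documentation, that reports which Regions you intend to monitor lack an active external access analyzer. The Region list and sample records are constructed for illustration, and `fetch_analyzers` assumes boto3 is installed with credentials that allow `access-analyzer:ListAnalyzers`.

```python
# Analyzer types that represent external access analyzers
# (account or organization zone of trust).
EXTERNAL_TYPES = {"ACCOUNT", "ORGANIZATION"}


def coverage_gaps(analyzers_by_region, required_regions):
    """Return {region: reason} for each required Region that has
    no ACTIVE external access analyzer."""
    gaps = {}
    for region in required_regions:
        external = [a for a in analyzers_by_region.get(region, [])
                    if a.get("type") in EXTERNAL_TYPES]
        if not external:
            gaps[region] = "no external access analyzer"
        elif not any(a.get("status") == "ACTIVE" for a in external):
            statuses = ",".join(sorted({a.get("status", "UNKNOWN") for a in external}))
            gaps[region] = f"external access analyzer not ACTIVE ({statuses})"
    return gaps


def fetch_analyzers(regions):
    """Collect ListAnalyzers results per Region (needs boto3 and AWS credentials)."""
    import boto3  # imported here so coverage_gaps() works offline
    result = {}
    for region in regions:
        client = boto3.client("accessanalyzer", region_name=region)
        pages = client.get_paginator("list_analyzers").paginate()
        result[region] = [a for page in pages for a in page["analyzers"]]
    return result


# Constructed sample data shaped like ListAnalyzers output (not real analyzers).
SAMPLE = {
    "us-east-1": [{"name": "ext-use1", "type": "ACCOUNT", "status": "ACTIVE"}],
    # An unused access analyzer does not count as an external access analyzer.
    "eu-west-1": [{"name": "unused-euw1", "type": "ACCOUNT_UNUSED_ACCESS", "status": "ACTIVE"}],
    "ap-southeast-2": [{"name": "ext-apse2", "type": "ORGANIZATION", "status": "FAILED"}],
}
# Constructed list of Regions that should be monitored.
REQUIRED = ["us-east-1", "eu-west-1", "ap-southeast-2", "us-west-2"]

if __name__ == "__main__":
    # Swap SAMPLE for fetch_analyzers(REQUIRED) to check a live account.
    for region, reason in coverage_gaps(SAMPLE, REQUIRED).items():
        print(f"{region}: {reason}")
```

Running the same check after deleting an analyzer shows the Region that is no longer monitored.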

Update an external access analyzer

Use the following procedure to update an external access analyzer.

  1. Open the IAM console at https://console.aws.amazon.com/iam/.

  2. Under Access analyzer, choose Analyzer settings.

  3. In the Analyzers section, choose the name of the external access analyzer to manage.

  4. On the Archive rules tab, you can create, edit, or delete archive rules for the analyzer. For more information, see Archive rules.

  5. On the Tags tab, you can manage and create tags for the analyzer. For more information, see Tags for AWS Identity and Access Management resources.

Delete an external access analyzer

Use the following procedure to delete an external access analyzer. When you delete an analyzer, the resources are no longer monitored and no new findings are generated. All findings that were generated by the analyzer are deleted.

  1. Open the IAM console at https://console.aws.amazon.com/iam/.

  2. Under Access analyzer, choose Analyzer settings.

  3. In the Analyzers section, choose the name of the external access analyzer to delete.

  4. Choose Delete analyzer.

  5. Enter delete and choose Delete to confirm deleting the analyzer.