Home › AWS DevOps Pro › cloudcomputing › dopsecurity › Which AWS service inspects IAM policies and reso…
Which AWS service inspects IAM policies and resource policies to identify resources shared with external accounts — and identifies unused IAM access?
AAmazon GuardDuty
BAmazon RDS
CAWS Snowball
DAWS IAM Access Analyzer
Answer & Solution
Correct answer: D. AWS IAM Access Analyzer
IAM Access Analyzer flags external-share + unused access (per DOP-C02 §6.3). GuardDuty is threat-detection; the others are unrelated.
Related questions
Which AWS feature provides graph-based investigation of security findings to determine theWhich AWS feature lets a DevOps engineer apply preventive guardrails across an entire AWS Which AWS service automatically discovers and classifies sensitive data (PII, credentials,Which AWS service aggregates findings from GuardDuty + Inspector + IAM Access Analyzer + MWhich AWS service continuously analyses CloudTrail + VPC Flow + DNS logs with ML and threaWhich AWS service issues and rotates public TLS certificates for AWS load balancers, CloudWhich AWS service provides dedicated FIPS 140-2 Level 3 hardware HSMs for tenants with strWhich AWS service creates and rotates customer-managed encryption keys with IAM-controlled