AWS Identity and Access Management (IAM) Access Analyzer policy generation has expanded support to identify actions of over 200 AWS services to help developers create fine-grained policies based on their AWS CloudTrail access activity. The new service additions include actions from services such as AWS Auto Scaling, Amazon Redshift, and Amazon Route 53. When developers initiate policy generation, IAM Access Analyzer gets to work and generates a policy by analyzing their AWS CloudTrail logs to identify actions used. For example, developers building applications might want to grant the applications permissions to access AWS resources. They can use policy generation to create a fine-grained policy and limit application role’s permissions to only those necessary. The generated policy provides developers a starting point and makes it easier for developers to grant only the required permissions to run their workloads.
Source:: Amazon AWS