Bearse Feature IAM Access Analyzer

Setup AWS IAM Access Analyzer with Bearse

IAM Access Analyzer is an AWS service within AWS Identity Access Management (IAM). Access Analyzer provides a means for users to monitor and control access to other AWS service, resource and credentials. Further reading on the service can be found here. With this new feature we can deploy Access analyzer into multiple AWS account simultaneously.

The Bearse feature for access analyzer is minimal, comprising of two main objectives:

This leaves the user to simply login to the deployed account and create Archive Rules as they see fit. While it is desirable to create a default set of Archive Rules which most customers could use, we have found that the rules themselves are too specific to a particular customers environment and have decided to leave rule configuration for the customers desecration.


In accordance with other bearse features this feature can be deployed into any AWS account without any prior configuration. The feature can be deployed in a variety of configurations to best suit the customer and AWS environment:

More information on the working, deployment and configuration of the Access Analyzer bearse feature can be found here.

For more details on AWS IAM Access Analyzer checkout the AWS documentation.