IAM Access Analyzer endpoints and quotas
This section lists the the service endpoints and service quotas for the service. To connect programmatically to an AWS service, you use an endpoint. For more information, see AWS service endpoints.
In addition to the standard AWS endpoints, some AWS services offer the following endpoints in some or all of the AWS Regions that the service is supported in:
IPv4 endpoints — These endpoints support only IPv4 requests and have the following format:
service-name.region.amazonaws.com.rproxy.goskope.comDual-stack endpoints — These endpoints support both IPv4 requests and IPv6 requests and have the following format:
service-name.region.api.awsFIPS endpoints — These endpoints comply with the Federal Information Processing Standards (FIPS) and can support either IPv4 requests or dual-stack (IPv4 and IPv6) requests. FIPS endpoints have the following format:
service-name-fips.region.ip-endpoint-typeip-endpoint-typeisamazonaws.com(for IPv4 requests) orapi.aws(for IPv4 or IPv6 requests).
Service quotas, also referred to as limits, are the maximum number of service resources or operations for your AWS account. For more information, see AWS service quotas.
Note
AWS recommends that you use Regional STS endpoints within your applications, and avoid using global (legacy) STS endpoints. Regional STS endpoints reduce latency, build in redundancy, and increase session token validity. For more information about configuring your applications to use a Regional STS endpoint, see AWS STS Regionalized endpoints in the AWS SDKs and Tools Reference Guide. For more information about global (legacy) AWS STS endpoints, including how to monitor for use of this type of endpoint, see How to use Regional AWS STS endpoints in the AWS Security blog.
Service endpoints
| Region Name | Region | Endpoint | Protocol |
|---|---|---|---|
| US East (Ohio) | us-east-2 |
access-analyzer.us-east-2.amazonaws.com access-analyzer-fips.us-east-2.amazonaws.com |
HTTPS HTTPS |
| US East (N. Virginia) | us-east-1 |
access-analyzer.us-east-1.amazonaws.com access-analyzer-fips.us-east-1.amazonaws.com |
HTTPS HTTPS |
| US West (N. California) | us-west-1 |
access-analyzer.us-west-1.amazonaws.com access-analyzer-fips.us-west-1.amazonaws.com |
HTTPS HTTPS |
| US West (Oregon) | us-west-2 |
access-analyzer.us-west-2.amazonaws.com access-analyzer-fips.us-west-2.amazonaws.com |
HTTPS HTTPS |
| Africa (Cape Town) | af-south-1 | access-analyzer.af-south-1.amazonaws.com | HTTPS |
| Asia Pacific (Hong Kong) | ap-east-1 | access-analyzer.ap-east-1.amazonaws.com | HTTPS |
| Asia Pacific (Hyderabad) | ap-south-2 | access-analyzer.ap-south-2.amazonaws.com | HTTPS |
| Asia Pacific (Jakarta) | ap-southeast-3 | access-analyzer.ap-southeast-3.amazonaws.com | HTTPS |
| Asia Pacific (Malaysia) | ap-southeast-5 | access-analyzer.ap-southeast-5.amazonaws.com | HTTPS |
| Asia Pacific (Melbourne) | ap-southeast-4 | access-analyzer.ap-southeast-4.amazonaws.com | HTTPS |
| Asia Pacific (Mumbai) | ap-south-1 | access-analyzer.ap-south-1.amazonaws.com | HTTPS |
| Asia Pacific (Osaka) | ap-northeast-3 | access-analyzer.ap-northeast-3.amazonaws.com | HTTPS |
| Asia Pacific (Seoul) | ap-northeast-2 | access-analyzer.ap-northeast-2.amazonaws.com | HTTPS |
| Asia Pacific (Singapore) | ap-southeast-1 | access-analyzer.ap-southeast-1.amazonaws.com | HTTPS |
| Asia Pacific (Sydney) | ap-southeast-2 | access-analyzer.ap-southeast-2.amazonaws.com | HTTPS |
| Asia Pacific (Thailand) | ap-southeast-7 | access-analyzer.ap-southeast-7.amazonaws.com | HTTPS |
| Asia Pacific (Tokyo) | ap-northeast-1 | access-analyzer.ap-northeast-1.amazonaws.com | HTTPS |
| Canada (Central) | ca-central-1 |
access-analyzer.ca-central-1.amazonaws.com access-analyzer-fips.ca-central-1.amazonaws.com |
HTTPS HTTPS |
| Canada West (Calgary) | ca-west-1 |
access-analyzer.ca-west-1.amazonaws.com access-analyzer-fips.ca-west-1.amazonaws.com |
HTTPS HTTPS |
| Europe (Frankfurt) | eu-central-1 | access-analyzer.eu-central-1.amazonaws.com | HTTPS |
| Europe (Ireland) | eu-west-1 | access-analyzer.eu-west-1.amazonaws.com | HTTPS |
| Europe (London) | eu-west-2 | access-analyzer.eu-west-2.amazonaws.com | HTTPS |
| Europe (Milan) | eu-south-1 | access-analyzer.eu-south-1.amazonaws.com | HTTPS |
| Europe (Paris) | eu-west-3 | access-analyzer.eu-west-3.amazonaws.com | HTTPS |
| Europe (Spain) | eu-south-2 | access-analyzer.eu-south-2.amazonaws.com | HTTPS |
| Europe (Stockholm) | eu-north-1 | access-analyzer.eu-north-1.amazonaws.com | HTTPS |
| Europe (Zurich) | eu-central-2 | access-analyzer.eu-central-2.amazonaws.com | HTTPS |
| Israel (Tel Aviv) | il-central-1 | access-analyzer.il-central-1.amazonaws.com | HTTPS |
| Mexico (Central) | mx-central-1 | access-analyzer.mx-central-1.amazonaws.com | HTTPS |
| Middle East (Bahrain) | me-south-1 | access-analyzer.me-south-1.amazonaws.com | HTTPS |
| Middle East (UAE) | me-central-1 | access-analyzer.me-central-1.amazonaws.com | HTTPS |
| South America (São Paulo) | sa-east-1 | access-analyzer.sa-east-1.amazonaws.com | HTTPS |
| AWS GovCloud (US-East) | us-gov-east-1 | access-analyzer.us-gov-east-1.amazonaws.com | HTTPS |
| AWS GovCloud (US-West) | us-gov-west-1 | access-analyzer.us-gov-west-1.amazonaws.com | HTTPS |
Service quotas
| Name | Default | Adjustable | Description |
|---|---|---|---|
| Access previews per analyzer per hour | Each supported Region: 1,000 |
Yes |
The maximum number of access previews per analyzer per hour. |
| Account level analyzer | Each supported Region: 1 | No | The maximum number of account level analyzers that can be created per analyzer type per AWS Account per Region. |
| Archive rules per analyzer | Each supported Region: 100 |
Yes |
The maximum number of archive rules per analyzer. |
| CloudTrail log files processed per policy generation | Each supported Region: 100,000 | No | The maximum number of CloudTrail log files that can be processed per policy generation. |
| Concurrent policy generations | Each supported Region: 1 | No | The maximum number of concurrent policy generations. |
| Organization level analyzer | Each supported Region: 5 |
Yes |
The maximum number of organization level analyzers that can be created per analyzer type per AWS Account per Region. |
| Policy generation CloudTrail data size | Each supported Region: 25 Gigabytes | No | The maximum size of CloudTrail data per policy generation. |
| Policy generation CloudTrail time range | Each supported Region: 90 | No | The maximum CloudTrail time range that you can select in days when you generate a policy. |
| Policy generations per day |
af-south-1: 5 ap-east-1: 5 ap-southeast-3: 5 eu-south-1: 5 me-south-1: 5 Each of the other supported Regions: 50 |
No | The maximum number of policy generations per day. |
