Using IAM Access Analyzer Policy Generation with Stax
Stax provides a preconfigured service role that can be used with IAM Access Analyzer's policy generation feature. The role, called AccessAnalyzerMonitorServiceRole_stax is available in all Stax-managed AWS Organizations and grants the relevant access for IAM Access Analyzer to conduct the policy generation.
When using IAM Access Analyzer policy generation with Stax, within the CloudTrail access section, ensure to choose the appropriate settings:
| Setting | Value |
|---|---|
| Region | The AWS region for your Stax Installation Region |
| Trail | stax-assurance-cloudtrail |
| Specify regions | As desired |
| Service role | Use an existing service role: AccessAnalyzerMonitorServiceRole_stax |
For more information on using this feature, see the documentation here.