Announcements

What’s changing

From January 2026, the use of IAM Access Analyzer will become a mandatory service for all Cloud Managed Services agreements.

• This will apply to all contract renewals and new engagements from January 2026 onward
• IAM Access Analyzer will be enabled at the account or organisational level to improve visibility and governance over IAM permissions
  
  

Why this change matters

IAM Access Analyzer is a native AWS tool that is designed to continuously monitor and detect:

• Unintended external access to AWS resources such as S3 buckets, IAM roles, and KMS keys
• Overly permissive IAM policies and misconfigured trust relationships
  
  

By proactively surfacing risks, IAM Access Analyzer enables:

• Faster remediation of security risks
• Improved alignment with zero-trust principles and least privilege access
• Enhanced audit readiness for compliance frameworks such as ISO, SOC, and AWS MSP
  
  

What you can expect

• Bi-annual reports will be shared as part of your managed services engagement, including key findings from IAM Access Analyzer, as well as recommended remediation actions
• More frequent reporting can be arranged on request, based on your compliance or governance needs

Enablement and next steps

While this requirement becomes effective in January 2026, you may choose to enable IAM Access Analyzer earlier. We will discuss this during your next SLA review in June 2025, where we’ll cover:

• Enablement options
• Customised timelines based on your environment
• Estimated impact and benefits

Impact overview

If you have any questions or would like to enable IAM Access Analyzer ahead of schedule, please reach out to your Technical Account Manager.