IAMTrail

Unofficial

AWS silently updates Managed IAM policies all the time.
We catch every single change.

Full version history and diffs for 1525 AWS Managed IAM Policies, archived since 2019. | A service by zoph.io

Total Policies

1,525

Active AWS Managed Policies

Brand New (v1)

20

New AWS services/features

Deprecated

74

Removed from AWS

Most Active

100

ReadOnlyAccess...

Brand New Policies (v1)

Spot upcoming AWS services early - 20 new policies detected

AmazonRoute53GlobalResolverReadOnlyAccess

v1 / 3/9/2026

AmazonRoute53GlobalResolverFullAccess

v1 / 3/9/2026

AWSHealthOmicsServiceLinkedRolePolicy

v1 / 3/4/2026

AWSTransformSecretsManagerConnectorPolicy

v1 / 3/4/2026

CloudWatchLogsAPIKeyAccess

v1 / 2/20/2026

AWSServiceRoleForAIDevOpsPolicy

v1 / 2/16/2026

View all 20 new policies
Free - No account needed

Get notified when policies change

Daily or weekly email digests with inline diffs. Pick specific policies or track them all.

Subscribe

Policy Creation by Year

Number of AWS managed policies first tracked each year

57
20
71
21
47
22
71
23
100
24
78
25
4
26
2020428 total policies2026

Largest Policy

4054 actions

AWSSupportServiceRolePoli...

AWS Services Tracked

424

IAM service namespaces over time

Year-over-Year Velocity

Total policy commits per year - new launches vs. updates

859 total (57 new, 802 updates)
20
660 total (71 new, 589 updates)
21
652 total (47 new, 605 updates)
22
754 total (71 new, 683 updates)
23
656 total (100 new, 556 updates)
24
787 total (78 new, 709 updates)
25
105 total (4 new, 101 updates)
26
UpdatesNew launches4,473 total commits tracked

Excludes 4 bulk-reformat day(s) where detection logic changes caused false-positive diffs.

Policy Lifecycle

Current version distribution across all policies

v1
592
v2
218
v3
196
v4
105
v5
64
v6-10
222
v11-20
95
v21+
33

39% of policies (592) are still at v1 - created once and never updated.

Most revised

ReadOnlyAccessv178AWSConfigServiceRolePolicyv90SecurityAuditv85SageMakerStudioProjectProvisioningRolePolicyv78AWS_ConfigRolev67

Monthly Seasonality

Policy change volume by calendar month across all years

276
Jan
312
Feb
307
Mar
325
Apr
325
May
363
Jun
303
Jul
349
Aug
323
Sep
374
Oct
768
Nov
448
Dec
re:Invent season (Nov-Dec) - 63% above average

re:Invent Pulse

Policy changes during the Nov 15 - Dec 15 window each year

131 changes, 21 new
20
147 changes, 16 new
21
118 changes, 6 new
22
156 changes, 11 new
23
145 changes, 41 new
24
156 changes, 14 new
25
UpdatesNew launches

Recently Updated

AWSCompromisedKeyQuarantineV3

Today/ 12 versions

AWSElasticBeanstalkManagedUpdatesServiceRolePolicy

Today/ 14 versions

WellArchitectedConsoleFullAccess

4 days ago/ 9 versions

WellArchitectedConsoleReadOnlyAccess

4 days ago/ 10 versions

WorkLinkServiceRolePolicy

4 days ago/ 9 versions

VPCLatticeFullAccess

4 days ago/ 7 versions

VPCLatticeReadOnlyAccess

4 days ago/ 7 versions

VPCLatticeServicesInvokeAccess

4 days ago/ 11 versions

ViewOnlyAccess

4 days ago/ 33 versions

WAFLoggingServiceRolePolicy

4 days ago/ 9 versions

Most Volatile (Trailing 12 Months)

SecurityAgentWebAppPolicy10 changesSecurityAudit10 changesSageMakerStudioProjectUserRolePolicy10 changesSageMakerStudioUserIAMDefaultExecutionPolicy10 changesSageMakerStudioUserIAMPermissiveExecutionPolicy10 changesSageMakerStudioProjectProvisioningRolePolicy10 changesSageMakerStudioProjectRoleMachineLearningPolicy10 changesSageMakerStudioDomainExecutionRolePolicy10 changesSageMakerStudioAdminIAMDefaultExecutionPolicy10 changesSageMakerStudioAdminIAMPermissiveExecutionPolicy10 changes

Newest Policies

AWSCompromisedKeyQuarantineV3

Today

AWSElasticBeanstalkManagedUpdatesServiceRolePolicy

Today

AWSPartnerCentralFullAccess

4 days ago

AWSPartnerCentralSandboxFullAccess

4 days ago

AWSPartnerCentralOpportunityManagement

4 days ago

PartnerCentralIncentiveBenefitManagement

4 days ago

AWSElasticBeanstalkWebTier

4 days ago

AWSElasticBeanstalkWorkerTier

4 days ago

AWSElasticBeanstalkMulticontainerDocker

4 days ago

AWSObservabilityAdminTelemetryEnablementServiceRolePolicy

4 days ago

Oldest Policies

AWSOpsWorksRegisterCLI

7y 1m ago

AmazonMachineLearningRoleforRedshiftDataSource

7y 1m ago

TagGovernancePolicy

7y 1m ago

AWSLambdaReplicatorInternal

6y 9m ago

AmazonEverestServicePolicy

6y 7m ago

AWSB9InternalServicePolicy

6y 6m ago

AWSBackupAdminPolicy

6y 6m ago

AWSBackupOperatorPolicy

6y 6m ago

AWSCloudTrailFullAccess

6y 6m ago

AWSDataPipelineRole

6y 6m ago