[christophetd]

Hello! One of the authors here.

We did release some (hopefully) actionable guidance alongside the study[1].

Trusted Advisor is a fair point, but note that most of its security checks only come with the Business or above AWS support plan. IAM Access Analyzer is a great service but it currently supports only 6 resource types[2].

We'll look into adding both, appreciate the feedback!

[1]: https://securitylabs.datadoghq.com/articles/state-of-aws-clo...

[2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access-anal...

[cloudy_future]

"most of its security checks only come with the Business or above AWS support plan"

Another fair point is Datadog also charges for its product.

[christophetd]

Sure. My point is that Trusted Advisor is also a commercial product, as opposed to IAM Access Analyzer which is free.