AWS IAM Access Analyzer is a service that identifies overprivileged resources in your AWS environment and validates your IAM policies against established best practices. Datadog Cloud Infrastructure Entitlement Management (CIEM) now integrates with AWS IAM Access Analyzer to help detect permission gaps in your cloud infrastructure and determine next steps for remediation.

Datadog CIEM helps identify and address entitlement risks across your cloud environment by continually scanning your cloud infrastructure to surface issues such as lingering administrative privileges, privilege escalations, permission gaps, large blast radii, and cross-account access. The integration allows you to see unused access findings directly in Datadog. Unused access can create risk in your environment by granting excessive access to sensitive cloud resources. When a finding is detected, Datadog CIEM suggests a comprehensive downsized policy that incorporates all of AWS IAM Access Analyzer's unused access detections, so you can mitigate permission gaps across your entire environment by adopting the suggested policy.