CloudPath knowledge base

AWS Services Catalog

A report-backed catalog of AWS services shaped for quick browsing. The page preserves category, stage, lifecycle status, region and partition limitations, retirement notes, and notable caveats from the research report instead of flattening them into a generic spreadsheet.

Single source of truthInventory verified as of April 14, 2026

Tracked services

Full inventory currently on the page

111

Active today

Services marked Active in the report

Lifecycle watch

Deprecated, retiring, or retired entries

Limited or preview

Needs extra regional or stage validation

Quick focus

All services Lifecycle watch Active Region-limited Preview Deprecated Retiring Retired

View as

Cards Grid Table

How to read the labels

Stage and status come directly from the normalized report model.

Stage

Generally available according to the research report's normalized lifecycle model.

Preview

Public preview or other pre-GA availability called out in the report.

Retired/Discontinued

No longer offered as an active AWS service or capability in the report snapshot.

Status

Active

Available for normal use in the report snapshot.

Region-limited

Available, but only in the explicitly listed regions or partitions.

Deprecated

Still available, but AWS guidance in the report points learners toward alternatives.

Retiring

AWS has published an end date or support cutoff in the report sources.

Retired

Already shut down or unavailable to customers in the report snapshot.

Current view

The catalog is narrowed by your current search or focus.

Category: Security

Services shown

Categories shown

Watchouts in view

Clear all filters

Security

13 services4 watchouts

AWS Audit Manager

GADeprecated$$

Compliance posture reporting service moving to maintenance mode; AWS indicates no new features/frameworks/region expansion and recommends AWS Config Conformance Packs as an alternative.

Lifecycle: GA stage - Deprecated (still available but discouraged)
Availability / regions: Commercial (aws); new-account onboarding restricted after date
Typical use cases: Evidence collection for auditsmapping controls to SOC2/PCI/HIPAAcontinuous compliance reportingaudit preparation workflows.
Cost signal: $$ service ops are moderate; main cost drivers are evidence/log sources and scale

Notes: No new customers starting Apr 30, 2026; continued use is constrained by account/region setup rules described in notice.

Primary source

AWS CloudTrail Lake

GADeprecated$$$

Managed solution for capturing/storing/analyzing audit logs from AWS and non-AWS sources; AWS states Trails remain fully supported while Lake receives only critical fixes/security updates and closes to new customers.

Lifecycle: GA stage - Deprecated (still available but discouraged)
Availability / regions: Commercial (aws); closed to new customers May 31, 2026
Typical use cases: Long-term audit log analyticscross-account/org event-data-store designsquerying non-AWS logs with audit dataforensic investigations.
Cost signal: $$$ log ingestion/storage/querying at scale; multi-account/org EDS storage

Notes: New customers closed May 31, 2026; existing customers continue; Trails/Insights/Aggregated Events unaffected.

Primary source

AWS IAM

GAActive$

Identity and access management service for controlling access to AWS resources via policies, roles, and users.

Lifecycle: GA stage - Active
Availability / regions: Global service (commercial partitions)
Typical use cases: Least-privilege policy enforcementcross-account role accessworkload identity for servicescentralized permission governance.
Cost signal: $ no direct IAM charge; costs are in managed resources and operations

Notes: Listed among global endpoints guidance.

Primary source

AWS IAM Identity Center

GAActive$$

Centralized workforce identity and SSO service for AWS accounts and applications.

Lifecycle: GA stage - Active
Availability / regions: Commercial (aws); regional availability varies
Typical use cases: Workforce SSO to AWS accountscentralized permission setsintegration with external IdPsapplication access governance.
Cost signal: $$ service/admin overhead; costs mainly from associated IdP and operations

Primary source

AWS KMS

GAActive$$

Key management service for creating/managing cryptographic keys and encryption operations across AWS services.

Lifecycle: GA stage - Active
Availability / regions: Commercial (aws); regional availability varies
Typical use cases: Envelope encryption for data servicesCMK governancesigning/encryption operationscompliance key control.
Cost signal: $$ per-key and per-request crypto operations; moderate unless high TPS

Primary source

AWS Secrets Manager

GAActive$$

Managed secrets storage/rotation service for credentials and application secrets.

Lifecycle: GA stage - Active
Availability / regions: Commercial (aws); regional availability varies
Typical use cases: DB credential rotationAPI key managementsecret distribution to appscentralized secret auditing.
Cost signal: $$ per-secret + API calls; moderate

Primary source

AWS Security Agent

GAActive$$$$

Frontier agent for on-demand penetration testing that scales autonomous security testing (including multicloud/on-prem) and aims to compress testing timelines versus periodic manual pen-tests.

Lifecycle: GA stage - Active
Availability / regions: Commercial (aws); availability details not enumerated in GA post
Typical use cases: Continuous penetration testing for app portfoliosvalidating findings via exploit chainsintegrating security checks into release cyclesmulticloud penetration testing consolidation.
Cost signal: $$$$ security testing at scale can drive substantial compute/analysis and integrations

Notes: Source conflict: GA announced Mar 31, 2026, but the product page header still says "Preview" in retrieved content.

Primary source Secondary source

AWS WAF

GAActive$$

Web application firewall for protecting web apps/APIs with rules and managed protections.

Lifecycle: GA stage - Active
Availability / regions: Commercial (aws); regional availability varies
Typical use cases: SQLi/XSS mitigationbot control (where available)API protectionmanaged rule enforcement.
Cost signal: $$ web ACLs + rule evals; scales with request volume

Notes: AWS WAF Classic is separately end-of-life.

Primary source

AWS WAF Classic

GARetiring$$

Legacy WAF version undergoing planned end-of-life; documentation directs customers to AWS Health Dashboard for region-specific milestones/dates and provides migration to AWS WAF.

Lifecycle: GA stage - Retiring (announced end date)
Availability / regions: Commercial (aws); timelines vary by Region
Typical use cases: Legacy web ACLs created pre-Nov 2019phased migration to modern AWS WAFmaintaining legacy protections during migrationcompatibility troubleshooting.
Cost signal: $$ rule evaluations and web ACL scale; typical WAF cost drivers

Notes: Exact end dates are region-specific per doc; use AWS Health Dashboard milestones.

Primary source Secondary source

Amazon Connect Voice ID

GARetiring$$$$

Voice biometrics feature listed in "Services in Sunset" with a published sunset date.

Lifecycle: GA stage - Retiring (announced end date)
Availability / regions: Commercial (aws)
Typical use cases: Caller voice authenticationfraud reduction in contact centersstep-up verification for high-risk callsidentity verification workflows.
Cost signal: $$$$ per-minute/contact-center workloads + ML processing

Notes: Sunset date May 20, 2026.

Primary source

Amazon GuardDuty

GAActive$$$

Threat detection service that analyzes signals to identify suspicious activity and potential compromise.

Lifecycle: GA stage - Active
Availability / regions: Commercial (aws); regional availability varies
Typical use cases: Account compromise detectionmalware and anomaly alertssecurity monitoring across orgsSIEM integration pipelines.
Cost signal: $$$ based on analyzed data volumes and enabled features

Primary source

Amazon Inspector

GAActive$$$

Automated vulnerability management for workloads, while "Inspector Classic" is separately listed as retiring.

Lifecycle: GA stage - Active
Availability / regions: Commercial (aws); regional availability varies
Typical use cases: Vulnerability scanning for EC2/container imagescontinuous exposure monitoringtriage and remediation workflowscompliance reporting.
Cost signal: $$$ assessment scale + findings volume

Notes: Amazon Inspector Classic is separately listed in sunset with date May 20, 2026.

Primary source

Amazon Macie

GAActive$$$

Sensitive data discovery service (notably for S3) for identifying and classifying sensitive information.

Lifecycle: GA stage - Active
Availability / regions: Commercial (aws); regional availability varies
Typical use cases: PII discoverydata security posture for bucketscompliance assessmentsalerting on sensitive data exposure.
Cost signal: $$$ scanning volume + findings; can rise with large datasets

Primary source

Methodology snapshot

This page stays intentionally close to the source report.

Every catalog entry is populated from the uploaded AWS services research report. The page does not invent alternative maturity labels or hide lifecycle exceptions.

When the report flags source conflicts, retirement windows, region limits, or replacement guidance, that note is surfaced directly on the service card so learners can make safer architecture choices.