CloudPath knowledge base

AWS Services Catalog

A report-backed catalog of AWS services shaped for quick browsing. The page preserves category, stage, lifecycle status, region and partition limitations, retirement notes, and notable caveats from the research report instead of flattening them into a generic spreadsheet.

Single source of truthInventory verified as of April 14, 2026

Tracked services

Full inventory currently on the page

111

Active today

Services marked Active in the report

Lifecycle watch

Deprecated, retiring, or retired entries

Limited or preview

Needs extra regional or stage validation

Quick focus

All services Lifecycle watch Active Region-limited Preview Deprecated Retiring Retired

View as

Cards Grid Table

How to read the labels

Stage and status come directly from the normalized report model.

Stage

Generally available according to the research report's normalized lifecycle model.

Preview

Public preview or other pre-GA availability called out in the report.

Retired/Discontinued

No longer offered as an active AWS service or capability in the report snapshot.

Status

Active

Available for normal use in the report snapshot.

Region-limited

Available, but only in the explicitly listed regions or partitions.

Deprecated

Still available, but AWS guidance in the report points learners toward alternatives.

Retiring

AWS has published an end date or support cutoff in the report sources.

Retired

Already shut down or unavailable to customers in the report snapshot.

Current view

The catalog is narrowed by your current search or focus.

Category: SecurityFocus: Active

Services shown

Categories shown

Watchouts in view

Clear all filters

Security

9 services

AWS IAM

GAActive$

Identity and access management service for controlling access to AWS resources via policies, roles, and users.

Lifecycle: GA stage - Active
Availability / regions: Global service (commercial partitions)
Typical use cases: Least-privilege policy enforcementcross-account role accessworkload identity for servicescentralized permission governance.
Cost signal: $ no direct IAM charge; costs are in managed resources and operations

Notes: Listed among global endpoints guidance.

Primary source

AWS IAM Identity Center

GAActive$$

Centralized workforce identity and SSO service for AWS accounts and applications.

Lifecycle: GA stage - Active
Availability / regions: Commercial (aws); regional availability varies
Typical use cases: Workforce SSO to AWS accountscentralized permission setsintegration with external IdPsapplication access governance.
Cost signal: $$ service/admin overhead; costs mainly from associated IdP and operations

Primary source

AWS KMS

GAActive$$

Key management service for creating/managing cryptographic keys and encryption operations across AWS services.

Lifecycle: GA stage - Active
Availability / regions: Commercial (aws); regional availability varies
Typical use cases: Envelope encryption for data servicesCMK governancesigning/encryption operationscompliance key control.
Cost signal: $$ per-key and per-request crypto operations; moderate unless high TPS

Primary source

AWS Secrets Manager

GAActive$$

Managed secrets storage/rotation service for credentials and application secrets.

Lifecycle: GA stage - Active
Availability / regions: Commercial (aws); regional availability varies
Typical use cases: DB credential rotationAPI key managementsecret distribution to appscentralized secret auditing.
Cost signal: $$ per-secret + API calls; moderate

Primary source

AWS Security Agent

GAActive$$$$

Frontier agent for on-demand penetration testing that scales autonomous security testing (including multicloud/on-prem) and aims to compress testing timelines versus periodic manual pen-tests.

Lifecycle: GA stage - Active
Availability / regions: Commercial (aws); availability details not enumerated in GA post
Typical use cases: Continuous penetration testing for app portfoliosvalidating findings via exploit chainsintegrating security checks into release cyclesmulticloud penetration testing consolidation.
Cost signal: $$$$ security testing at scale can drive substantial compute/analysis and integrations

Notes: Source conflict: GA announced Mar 31, 2026, but the product page header still says "Preview" in retrieved content.

Primary source Secondary source

AWS WAF

GAActive$$

Web application firewall for protecting web apps/APIs with rules and managed protections.

Lifecycle: GA stage - Active
Availability / regions: Commercial (aws); regional availability varies
Typical use cases: SQLi/XSS mitigationbot control (where available)API protectionmanaged rule enforcement.
Cost signal: $$ web ACLs + rule evals; scales with request volume

Notes: AWS WAF Classic is separately end-of-life.

Primary source

Amazon GuardDuty

GAActive$$$

Threat detection service that analyzes signals to identify suspicious activity and potential compromise.

Lifecycle: GA stage - Active
Availability / regions: Commercial (aws); regional availability varies
Typical use cases: Account compromise detectionmalware and anomaly alertssecurity monitoring across orgsSIEM integration pipelines.
Cost signal: $$$ based on analyzed data volumes and enabled features

Primary source

Amazon Inspector

GAActive$$$

Automated vulnerability management for workloads, while "Inspector Classic" is separately listed as retiring.

Lifecycle: GA stage - Active
Availability / regions: Commercial (aws); regional availability varies
Typical use cases: Vulnerability scanning for EC2/container imagescontinuous exposure monitoringtriage and remediation workflowscompliance reporting.
Cost signal: $$$ assessment scale + findings volume

Notes: Amazon Inspector Classic is separately listed in sunset with date May 20, 2026.

Primary source

Amazon Macie

GAActive$$$

Sensitive data discovery service (notably for S3) for identifying and classifying sensitive information.

Lifecycle: GA stage - Active
Availability / regions: Commercial (aws); regional availability varies
Typical use cases: PII discoverydata security posture for bucketscompliance assessmentsalerting on sensitive data exposure.
Cost signal: $$$ scanning volume + findings; can rise with large datasets

Primary source

Methodology snapshot

This page stays intentionally close to the source report.

Every catalog entry is populated from the uploaded AWS services research report. The page does not invent alternative maturity labels or hide lifecycle exceptions.

When the report flags source conflicts, retirement windows, region limits, or replacement guidance, that note is surfaced directly on the service card so learners can make safer architecture choices.