Answer: AWS IAM Access Analyzer

AWS IAM Access Analyzer is the correct service that helps identify whether an Amazon S3 bucket or an IAM role has been shared with an external entity. **Key features of AWS IAM Access Analyzer:** - Analyzes resource-based policies to identify resources shared with external entities - Helps identify unintended access to your resources and data - Provides findings that show resources shared with external principals - Supports analysis of S3 buckets, IAM roles, KMS keys, Lambda functions, and SQS queues - Helps maintain security and compliance by identifying external access **Why other options are incorrect:** - **AWS Service Catalog**: Manages catalogs of IT services approved for use on AWS - **AWS Systems Manager**: Provides operational insights and automates management tasks - **AWS Organizations**: Helps centrally manage and govern multiple AWS accounts The checkmark (✅) in the source text confirms that AWS IAM Access Analyzer is the correct answer.

Author: Ritesh Yadav