Amazon Resource Name (ARN)
What is an Amazon Resource Name (ARN)?
An Amazon Resource Name is a file naming convention used to identify a particular resource in the Amazon Web Services (AWS) public cloud. ARNs, which are specific to AWS, help an administrator track and use AWS items and policies across AWS products and API calls.
An ARN adheres to several general naming conventions, depending on the AWS cloud service that is in use. Individual elements of the ARN syntax are called namespaces, and users must enter the appropriate namespace to create a functional ARN. The partition and the service, the first and second parts of the naming convention, correspond to the respective locations in which the resource resides. Account-id refers to the user's AWS account number, which may or may not be necessary, depending on the resource.
The following ARNs explain the general naming format:
- arn:partition:service:region:account-id:resource
- arn:partition:service:region:account-id:resourcetype/resource
- arn:partition:service:region:account-id:resourcetype:resource
Some AWS cloud resources do not require that an administrator enter a specific region, while others do. Syntax for resources and resource types varies greatly for each service, and often includes an indicator -- such as a slash or colon -- of the type of resource to which it refers.
Certain services allow an AWS customer to specify a path for the ARN, such as Amazon Simple Storage Service and AWS Identity and Access Management. Paths can also include a wildcard character, such as an asterisk, to denote that which users, groups or resources are included in an account.