In AWS, ARN stands for Amazon Resource Name.

What an ARN is

An ARN is a globally unique identifier that points to a specific AWS resource, such as an EC2 instance, S3 bucket, Lambda function, or IAM user.

AWS uses ARNs whenever it needs to unambiguously refer to a resource across services, especially in IAM policies, tagging, and API calls.

Basic ARN format

Most ARNs follow a standard pattern:

text

arn:partition:service:region:account-id:resource

For example:

  • S3 bucket: arn:aws:s3:::my‑bucket
  • IAM user: arn:aws:iam::123456789012:user/David
  • Lambda function: arn:aws:lambda:us‑east‑1:123456789012:function:MyFunction

Why ARNs matter

  • They let you pinpoint one exact resource across regions and accounts, which is critical for security and automation.
  • In IAM policies, ARNs appear in the Resource field so you can grant or deny access to specific buckets, functions, queues, etc. , instead of “all resources.”

If you tell me which AWS service you’re working with (e.g., S3, Lambda, SNS), I can show you the exact ARN format and a realistic example for that service.