

# Manage an IAM Access Analyzer unused access analyzer
<a name="access-analyzer-manage-unused"></a>

Use the information in this topic to learn how to update or delete an existing unused access analyzer.

**Note**  
After you create or update an analyzer, it can take time for findings to be available.

## Update an unused access analyzer
<a name="access-analyzer-manage-unused-update"></a>

Use the following procedure to update an unused access analyzer.

IAM Access Analyzer charges for unused access analysis based on the number of IAM roles and users analyzed per month per analyzer. For more details about pricing, see [IAM Access Analyzer pricing](https://aws.amazon.com/iam/access-analyzer/pricing).

1. Open the IAM console at [https://console.aws.amazon.com/iam/](https://console.aws.amazon.com/iam/).

1. Under **Access analyzer**, choose **Analyzer settings**.

1. In the **Analyzers** section, choose the name of the unused access analyzer to manage.

1. On the **Exclusion** tab, if the analyzer was created with an organization as the scope of analysis, choose **Manage** in the **Excluded AWS accounts** section.

   1. To specify individual account IDs to exclude, choose **Specify AWS account ID** and enter the account IDs separated by commas in the **AWS account ID** field. Choose **Exclude**. The accounts are then listed in the **AWS accounts to exclude** table.

   1. To choose from a list of accounts in your organization to exclude, choose **Choose from organization**.

      1. You can search for accounts by name, email, and account ID in the **Exclude accounts from organization** field.

      1. Choose **Hierarchy** to view your accounts by organizational unit or choose **List** to view a list of all individual accounts in your organization.

      1. Choose **Exclude all current accounts** to exclude all accounts in an organizational unit or choose **Exclude** to exclude individual accounts.

      The accounts are then listed in the **AWS accounts to exclude** table.

   1. To remove accounts to exclude, choose **Remove** next to the account in the **AWS accounts to exclude** table.

   1. Choose **Save changes**.

   **Note**  
   Excluded accounts cannot include the organization analyzer owner account.

   When new accounts are added to your organization, they are not excluded from analysis, even if you previously excluded all current accounts within an organizational unit.

   After you update the exclusions for an analyzer, it can take up to two days for the list of excluded accounts to be updated.

1. On the **Exclusion** tab, choose **Manage** in the **Excluded IAM users and roles with tags** section.

   1. You can specify key-value pairs for IAM users and roles to exclude from unused access analysis. For the **Tag key**, enter a value that is 1 to 128 characters in length and not prefixed with `aws:`. For the **Value**, you can enter a value that is 0 to 256 characters in length. If you don't enter a **Value**, the rule is applied to all principals with the specified **Tag key**.

   1. Choose **Add new exclusion** to add additional key-value pairs to exclude.

   1. To remove key-value pairs to exclude, choose **Remove** next to the key-value pair.

   1. Choose **Save changes**.

1. On the **Archive rules** tab, you can create, edit, or delete archive rules for the analyzer. For more information, see [Archive rules](access-analyzer-archive-rules.md).

1. On the **Tags** tab, you can manage and create tags for the analyzer. For more information, see [Tags for AWS Identity and Access Management resources](id_tags.md).
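
Every exclusion removes principals from unused access analysis, so it helps to review a proposed change before saving it. The following is an added example, not AWS code: it checks proposed exclusions against the limits stated in the procedure above and lists which principals would stop being analyzed. The function names, the principal inventory format, and all account IDs, ARNs, and tags are assumptions constructed for illustration.

```python
import re

# All account IDs, ARNs, and tags in this example are constructed sample data.

def validate_tag_rule(key, value=""):
    """Check one tag exclusion against the limits stated in the procedure."""
    problems = []
    if not 1 <= len(key) <= 128:
        problems.append("tag key must be 1 to 128 characters")
    # The page names the `aws:` prefix; rejecting it in any letter case is a
    # stricter assumption made for this example.
    if key.lower().startswith("aws:"):
        problems.append("tag key must not be prefixed with aws:")
    if len(value) > 256:
        problems.append("tag value must be 0 to 256 characters")
    return problems


def validate_accounts(excluded_accounts, owner_account):
    """Flag malformed account IDs and an excluded analyzer owner account."""
    problems = [f"{a}: not a 12-digit account ID" for a in excluded_accounts
                if not re.fullmatch(r"[0-9]{12}", a)]
    if owner_account in excluded_accounts:
        problems.append(f"{owner_account}: analyzer owner account cannot be excluded")
    return problems


def excluded_principals(principals, excluded_accounts, tag_rules):
    """Return the ARNs that the proposed exclusions remove from analysis.

    Assumes exact tag matching and that account and tag exclusions apply
    independently. An empty value matches every principal with that tag key.
    """
    hidden = []
    for p in principals:
        by_account = p["account"] in excluded_accounts
        by_tag = any(k in p["tags"] and (v == "" or p["tags"][k] == v)
                     for k, v in tag_rules)
        if by_account or by_tag:
            hidden.append(p["arn"])
    return hidden


SAMPLE_PRINCIPALS = [
    {"arn": "arn:aws:iam::111122223333:role/ci-deploy", "account": "111122223333", "tags": {"team": "platform"}},
    {"arn": "arn:aws:iam::111122223333:user/break-glass", "account": "111122223333", "tags": {"exempt": "yes"}},
    {"arn": "arn:aws:iam::444455556666:role/sandbox-admin", "account": "444455556666", "tags": {}},
    {"arn": "arn:aws:iam::111122223333:role/legacy-batch", "account": "111122223333", "tags": {"exempt": "temporary"}},
]
```

Calling `excluded_principals(SAMPLE_PRINCIPALS, ["444455556666"], [("exempt", "")])` returns three of the four sample principals, which shows how a tag rule with no value covers more principals than one with a specific value.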

## Delete an unused access analyzer
<a name="access-analyzer-manage-unused-delete"></a>

Use the following procedure to delete an unused access analyzer. When you delete an analyzer, the resources are no longer monitored and no new findings are generated. All findings that were generated by the analyzer are deleted.

1. Open the IAM console at [https://console.aws.amazon.com/iam/](https://console.aws.amazon.com/iam/).

1. Under **Access analyzer**, choose **Unused access**.

1. Under **Access analyzer**, choose **Analyzer settings**.

1. In the **Analyzers** section, choose the name of the unused access analyzer to delete.

1. Choose **Delete analyzer**.

1. Enter **delete** and choose **Delete** to confirm deleting the analyzer.