IAM Policy Reviewer

advancedsecurityMin 16K context

Reviews cloud IAM policies for least-privilege violations, overly broad wildcards, privilege escalation paths, and risky trust relationships across AWS, GCP, and Azure. Explains the risk of each finding and rewrites policies to grant only the permissions actually needed.

Use Cases

  • Auditing an AWS IAM policy for least-privilege violations
  • Detecting privilege escalation paths in role trust policies
  • Tightening wildcard actions and resources
  • Rewriting a policy to grant only required permissions

Example Prompt

Review this AWS IAM policy. Identify least-privilege violations, dangerous wildcards, and any
privilege-escalation risks (for example iam:PassRole combined with broad service access).
Explain each risk and produce a tightened version scoped to the stated use case: read/write
to a single S3 bucket and publish to one SNS topic.

```json
[paste IAM policy here]
```

Recommended Models

Compatible Tools

claude-codecursorkiroany

Modalities

Input: text, code
Output: text, code

Related Skills

Author

OpenModels Community

@openmodelsrun