Restrictive AWS policies v1.0

IAM Least Privilege Refiner

Analyzes backend code to generate the most restrictive AWS IAM policies possible. Detects SDK method calls, maps them to exact IAM actions, extracts resource identifiers, and outputs both JSON and Terraform policy formats.

AWS IAM Security Terraform Python Node.js Go Java

Screenshots

Code analysis interface

Static code auditing to identify minimum required permissions

Generated IAM policy

Strict IAM action mapping based on actual SDK usage

Overview

IAM Least Privilege Refiner is a security skill that analyzes backend code (Python/boto3, Node.js/AWS SDK v3, Go/v2, Java/v2) to generate the most restrictive AWS IAM policies possible. It automatically detects SDK method calls, maps them to exact IAM actions (zero wildcards), extracts resource identifiers from environment variables, identifies implicit dependencies (KMS, CloudWatch, STS), and generates policies in both JSON and Terraform formats. Ideal for security and DevOps teams that need to implement the least privilege principle without manually analyzing every line of code.
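
The detect, map, extract and generate steps described above can be sketched for the boto3 case as follows. This is an added example, not the project's own code. The sample handler, the three-entry mapping table and the `${...}` placeholder syntax are assumptions made for illustration.

```python
import ast
# Constructed sample backend code to analyze (not taken from the project).
SAMPLE = '''
import os, boto3
s3 = boto3.client("s3")
ddb = boto3.client("dynamodb")
def handler(event, ctx):
    s3.get_object(Bucket=os.environ["UPLOAD_BUCKET"], Key=event["key"])
    ddb.put_item(TableName=os.environ["ORDERS_TABLE"], Item=event["item"])
    s3.put_object(Bucket=event["bucket"], Key="k", Body=b"")
'''

# Assumed excerpt: (service, method) -> (action, resource kwarg, ARN); ${...} = placeholders.
ACTION_MAP = {
    ("s3", "get_object"): ("s3:GetObject", "Bucket", "arn:aws:s3:::%s/*"),
    ("s3", "put_object"): ("s3:PutObject", "Bucket", "arn:aws:s3:::%s/*"),
    ("dynamodb", "put_item"): ("dynamodb:PutItem", "TableName",
        "arn:aws:dynamodb:${AWS_REGION}:${AWS_ACCOUNT_ID}:table/%s"),
}

def env_var(node):
    """Return NAME when node is os.environ["NAME"], else None (Python 3.9+ AST)."""
    if (isinstance(node, ast.Subscript) and isinstance(node.value, ast.Attribute)
            and node.value.attr == "environ" and isinstance(node.slice, ast.Constant)):
        return node.slice.value

def build_policy(source):
    """Return (policy, review): exact actions per resource, plus calls for a human."""
    tree, clients, grants, review = ast.parse(source), {}, {}, []
    for n in ast.walk(tree):  # pass 1: record name = boto3.client("service")
        if (isinstance(n, ast.Assign) and isinstance(n.targets[0], ast.Name)
                and isinstance(n.value, ast.Call) and n.value.args
                and isinstance(n.value.func, ast.Attribute) and n.value.func.attr == "client"
                and isinstance(n.value.args[0], ast.Constant)):
            clients[n.targets[0].id] = n.value.args[0].value
    for n in ast.walk(tree):  # pass 2: client.method(...) calls
        if not (isinstance(n, ast.Call) and isinstance(n.func, ast.Attribute)
                and isinstance(n.func.value, ast.Name) and n.func.value.id in clients):
            continue
        call = (clients[n.func.value.id], n.func.attr)
        action, kwarg, arn = ACTION_MAP.get(call, (None, None, None))
        name = next((env_var(k.value) for k in n.keywords if k.arg == kwarg), None)
        if not (action and name):  # unmapped or non-env resource: fail closed, no "*"
            review.append("line %d: %s.%s needs manual review" % (n.lineno, *call))
            continue
        grants.setdefault(arn % ("${%s}" % name), set()).add(action)
    statements = [{"Effect": "Allow", "Action": sorted(a), "Resource": r}
                  for r, a in sorted(grants.items())]
    return {"Version": "2012-10-17", "Statement": statements}, review
```

Calls whose resource cannot be traced to an environment variable are returned for review instead of being granted against `"*"`; the `/*` in the S3 ARN scopes object keys within one bucket and is not an action wildcard.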