AirIAM is an AWS IAM optimization framework that analyzes existing IAM usage patterns to generate least-privilege Terraform configurations. The tool scans current IAM implementations across AWS environments to identify actual permission usage and access patterns. It compiles this usage data to understand which permissions are actively utilized versus those that are granted but unused. Based on this analysis, AirIAM generates right-sized Terraform code that implements least-privilege access controls. The generated Terraform plans replace existing IAM management methods with infrastructure-as-code approaches. The framework enables organizations to migrate from over-privileged IAM configurations to properly scoped permissions while maintaining operational functionality. It integrates IAM management into standard infrastructure provisioning workflows. AirIAM supports tracking and auditing of IAM changes through version-controlled Terraform code. This allows administrators to review, approve, and deploy IAM modifications using established development processes.