Policy Sentry IAM Least Privilege Policy Generator

Free

1 saves

Updated 11 March 2025

Policy Sentry IAM Least Privilege Policy Generator Step 1: Create the Template Step 2: Copy/paste ARNs Step 3: Write-policy command Tutorial Installation Package managers Shell completion Step 1: Create the Template Step 2: Copy/paste ARNs Step 3: Write-policy command Cheat sheets Policy Writing cheat sheet IAM Database Query Cheat Sheet Local Initialization (Optional) Other Usage Commands Python Library usage Docker Terraform References Documentation For walkthroughs and full documentation, please visit the project on ReadTheDocs. See the Salesforce Engineering Blog post on Policy Sentry. Overview Writing security-conscious IAM Policies by hand can be very tedious and inefficient. Many Infrastructure as Code developers have experienced something like this: Determined to make your best effort to give users and roles the least amount of privilege you need to perform your duties, you spend way too much time combing through the AWS IAM Documentation on Actions, Resources, and Condition Keys for AWS Services. Your team lead encourages you to build security into your IAM Policies for product quality, but eventually you get frustrated due to project deadlines. You don't have an embedded security person on your team who can write those IAM Policies for you, and there

FEATURES

The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.

EXPLORE BY TAGS

Iam

Least Privilege

Security

Aws

SIMILAR TOOLS

Teller

Open-source universal secret manager for developers with seamless integration to various cloud services and vaults.

Free

IAM

Pathlock

Pathlock is an identity security platform that provides compliance-focused governance, access management, and continuous controls monitoring across enterprise applications with particular emphasis on ERP systems.

Commercial

IAM

AWS Vault

Securely store and access AWS credentials in a development environment.

Free

IAM

Airlock Secure Access Hub

Airlock Secure Access Hub is an integrated security platform that combines identity and access management with web application and API protection to secure digital applications while maintaining user experience.

Commercial

IAM

AWS IAM Access Analyzer

AWS IAM Access Analyzer is a tool for implementing and maintaining least privilege access in AWS environments through automated analysis and validation of IAM policies and permissions.

Commercial

IAM

Chamber

Chamber is a tool for managing secrets that utilizes AWS SSM Parameter Store.

Free

IAM

league/oauth2-server

A PHP OAuth 2.0 authorization server implementation with support for various grants and RFCs.

Free

IAM

CyberArk

CyberArk is an identity security platform that secures human and machine identities through privileged access management, secrets management, and intelligent privilege controls across on-premises, hybrid, and cloud environments.

Commercial

IAM

Ploy

A platform that helps companies automate the management of their SaaS identities and applications, providing visibility, security, and compliance across the organization's SaaS ecosystem.

Commercial

IAM

PINNED

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security