PermissionLint

Detect overprivileged IAM roles and suggest least-privilege policy refinements

Code & DevelopmentPaid

PermissionLint analyzes IAM policies across AWS, GCP, and Azure to identify overprivileged roles where granted permissions significantly exceed actual usage. The tool compares policy statements against CloudTrail and audit log access patterns to determine which permissions are actively used versus dormant, and generates refined least-privilege policies that maintain operational functionality. It detects wildcard permissions, cross-account access patterns, and privilege escalation paths. Security teams use it to reduce their identity attack surface without breaking production workloads.

Key Features

• ✓Usage-based analysis
• ✓Least-privilege generation
• ✓Wildcard detection
• ✓Escalation path identification
• ✓Multi-cloud support