Previously known as MAMIP (Monitor AWS Managed IAM Policies).
Track every change to AWS Managed IAM Policies with full version history and validation.
Explore AWS Managed IAM Policies through a searchable web interface at iamtrail.com:
- Search and filter across 1,465+ managed policies
- Full version history with git diffs for every policy
- Syntax-highlighted JSON policy viewer
- New (v1) policy tracking to spot new AWS services
- Policy validation findings from AWS Access Analyzer
- Known AWS Account lookup - identify who owns an AWS account ID, powered by the fwdcloudsec/known_aws_accounts community dataset
Subscribe to policy changes:
- Email Digest (recommended): Subscribe on iamtrail.com - daily or weekly emails with inline diffs, per-policy filtering, no account required
- Bluesky: @iamtrail.bsky.social
- X/Twitter: @iamtrail_
- RSS: Commit feed
All policies are stored as JSON in this repository and updated automatically every 4 hours on weekdays.
| Path | Description |
|---|---|
| policies/ | 1,465+ current AWS Managed IAM Policies |
| findings/ | Access Analyzer validation results |
| DEPRECATED.json | Historical record of 73+ deprecated policies |
An automated workflow runs every 4 hours (Mon-Fri):
- Fetch all AWS Managed IAM Policies via AWS CLI
- Detect new, updated, or deprecated policies
- Validate each policy with AWS Access Analyzer
- Commit changes to git (one commit per policy)
- Notify via social channels and email digests
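The detection step in the workflow above, as an added example that is not IAMTrail's own code: it compares two snapshots of managed policies and reports new, updated, and deprecated entries, listing the Allow actions each version bump added or removed. The snapshot layout, the function names, and the sample policies are assumptions made for illustration.

```python
# Added example; snapshot layout and all names below are assumptions.
import json

def allowed_actions(document):
    """Actions granted by Allow statements (NotAction and Deny are not interpreted)."""
    statements = document.get("Statement", [])
    if isinstance(statements, dict):      # a single statement may be a bare object
        statements = [statements]
    granted = set()
    for stmt in statements:
        if stmt.get("Effect") == "Allow":
            action = stmt.get("Action", [])   # string or list of strings
            granted.update([action] if isinstance(action, str) else action)
    return granted

def classify(previous, current):
    """Compare snapshots shaped {name: {"version": "vN", "document": {...}}}."""
    report = {"new": [], "updated": {}, "deprecated": sorted(set(previous) - set(current))}
    for name in sorted(current):
        old, cur = previous.get(name), current[name]
        if old is None:
            report["new"].append(name)
        elif old["version"] != cur["version"]:
            before, after = allowed_actions(old["document"]), allowed_actions(cur["document"])
            report["updated"][name] = {
                "from": old["version"], "to": cur["version"],
                "added": sorted(after - before),      # newly granted: review first
                "removed": sorted(before - after),
            }
    return report

def _doc(*actions):
    """Build a constructed one-statement policy document."""
    return {"Version": "2012-10-17",
            "Statement": [{"Effect": "Allow", "Action": list(actions), "Resource": "*"}]}

# Constructed snapshots; policy names are hypothetical, not real AWS managed policies.
PREVIOUS = {
    "ExampleReadOnly": {"version": "v3", "document": _doc("s3:GetObject", "s3:ListBucket")},
    "ExampleLegacy": {"version": "v1", "document": _doc("ec2:DescribeInstances")},
}
CURRENT = {
    "ExampleReadOnly": {"version": "v4",
                        "document": _doc("s3:GetObject", "s3:ListBucket", "s3:PutObject")},
    "ExampleNewService": {"version": "v1", "document": _doc("logs:DescribeLogGroups")},
}

if __name__ == "__main__":
    print(json.dumps(classify(PREVIOUS, CURRENT), indent=2))
```

The `added` list is the part to triage first: a managed policy attached to existing roles gains those permissions as soon as its default version changes.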
Inspired by Scott Piper's original aws_managed_policies repository. Thank you, Scott, for pioneering this.
GNU General Public License v3.0 - see LICENSE for details.
