Keep AWS Identity & Access Management (IAM) in compliance with

the Principle of Least Privilege

of granted AWS permissions 

are not used in 90 days.



The idea is simple:

give only permissions that are

required to get the job done.


How it works

  • We passively monitor AWS cloud activity to see which permissions are used

  • Then visualize service usage summary and show findings

  • Finally, build security advices to take away unused permissions

Coming soon!

  • Automatic workflow to cut permissions with easy rollback option

  • Extension for developers to simple request additional permissions

Inspired by NETFLIX Repokid

In Action



AWS accounts

With a few clicks in the portal, connect your AWS accounts to the system


Continuously analyze cloud events

Automatically analyze all cloud activity via AWS Cloud Trail events   


Detect unused



Get findings and

take action

IAMkeeper intelligently detect policy permissions that need to be reduced or updated 

Review detailed findings and advices for further remediation or prevention

About Us

We started IAMkeeper as an internal tool within our organization to support administrator's and developer's demands to allocate and control cloud permissions in AWS.

Now we are here to make it publicly available and help other teams and organizations to simplify the way to follow the standard security advice of granting least privilege, hiding all complexities of managing AWS policies.


Be in Touch

We want to hear from you!




Thanks for your message! We will get back soon.