Changelog

What shipped, when. Features and free tools only — no internal refactors.

  1. CloudFormation IAM Checker (free, no signup)

    Client-side tool that parses a CloudFormation template, extracts embedded IAM roles/policies/trust documents, and flags wildcards, escalation actions, admin-managed policies, and open trust relationships.

  2. IAM policy templates library

    10 copy-paste least-privilege IAM policy templates — S3 read-only, Lambda execution, EKS IRSA, GitHub Actions OIDC deploy role, DynamoDB CRUD, EC2 describe-only, CloudWatch Logs write, cross-account read-only, SQS consumer, and KMS encrypt-only — each with the policy JSON and why it is scoped that way.

  3. Shareable score badges

    Every analysis can generate a shields.io-style SVG badge for READMEs and CI logs. The CLI and GitHub Action print a ready-to-paste badge link alongside findings.

  4. llms.txt for AI answer engines

    Structured site map at /llms.txt so AI assistants and answer engines can index Shieldly’s IAM reference material directly.

  5. IAM privilege-escalation cheat sheet

    Single-page reference covering all 16 tracked IAM privilege-escalation paths — the permission combination, attacker impact, and fix for each.

  6. S3 Bucket Policy Checker (free, no signup)

    Client-side tool that flags public-access risk and overly broad write permissions in an S3 bucket policy, with Block Public Access caveats explained.

  7. Trust Policy Explainer (free, no signup)

    Client-side tool that explains who can assume a role from its trust policy and flags confused-deputy risk (missing ExternalId, overly broad principals).

  8. Compare pages: AWS Security Hub, Snyk IaC, Trivy, Cloud Custodian, Wiz

    Head-to-head comparison pages against the most-searched AWS security and IaC-scanning tools, covering what each does well and where Shieldly’s AI-powered analysis fits alongside them.

  9. IAM Policy Linter (free, no signup)

    The first client-side browser tool: paste a policy and get instant wildcard, missing-condition, and overpermission findings with no account required.

  10. IAM privilege-escalation reference + glossary

    A hub covering every known IAM privilege-escalation method (permission combo, attacker impact, fix) plus an 8-term IAM glossary in plain English.