Changelog
What shipped, when. Features and free tools only — no internal refactors.
CloudFormation IAM Checker (free, no signup)
Client-side tool that parses a CloudFormation template, extracts embedded IAM roles/policies/trust documents, and flags wildcards, escalation actions, admin-managed policies, and open trust relationships.
IAM policy templates library
10 copy-paste least-privilege IAM policy templates — S3 read-only, Lambda execution, EKS IRSA, GitHub Actions OIDC deploy role, DynamoDB CRUD, EC2 describe-only, CloudWatch Logs write, cross-account read-only, SQS consumer, and KMS encrypt-only — each with the policy JSON and why it is scoped that way.
Shareable score badges
Every analysis can generate a shields.io-style SVG badge for READMEs and CI logs. The CLI and GitHub Action print a ready-to-paste badge link alongside findings.
llms.txt for AI answer engines
Structured site map at /llms.txt so AI assistants and answer engines can index Shieldly’s IAM reference material directly.
IAM privilege-escalation cheat sheet
Single-page reference covering all 16 tracked IAM privilege-escalation paths — the permission combination, attacker impact, and fix for each.
S3 Bucket Policy Checker (free, no signup)
Client-side tool that flags public-access risk and overly broad write permissions in an S3 bucket policy, with Block Public Access caveats explained.
Trust Policy Explainer (free, no signup)
Client-side tool that explains who can assume a role from its trust policy and flags confused-deputy risk (missing ExternalId, overly broad principals).
Compare pages: AWS Security Hub, Snyk IaC, Trivy, Cloud Custodian, Wiz
Head-to-head comparison pages against the most-searched AWS security and IaC-scanning tools, covering what each does well and where Shieldly’s AI-Powered analysis fits alongside them.
IAM Policy Linter (free, no signup)
The first client-side browser tool: paste a policy and get instant wildcard, missing-condition, and overpermission findings with no account required.
IAM privilege-escalation reference + glossary
A hub covering every known IAM privilege-escalation method (permission combo, attacker impact, fix) plus an 8-term IAM glossary in plain English.