Shieldly CLI
Analyze AWS IAM policies and CloudFormation templates for security risks from any terminal, shell script, or CI/CD pipeline.
Install
npm install -g @shieldly/cliTry it free — no account needed
Both analyze-iam and analyze-cf run in demo mode without an API key (5 free analyses, no signup required):
shieldly analyze-iam policy.json
shieldly analyze-cf template.yamlCommands
| Command | Description |
|---|---|
| shieldly analyze-iam <policy-file> | Analyze an IAM policy for security issues |
| shieldly analyze-cf <template-file> | Analyze a CloudFormation template |
| shieldly api-keys list|create|revoke | Manage API keys |
| shieldly completion bash|zsh|install | Shell completion |
Global options
| Option | Description |
|---|---|
| --api-key <key> | API key (or set SHIELDLY_API_KEY) |
| --version | Show version |
| -h, --help | Show help |
Free tier
| Mode | Limit | Requires |
|---|---|---|
| Demo (no key) | 5 analyses total | No account |
| Free account | 20 units/day | Free sign-up |
| Builder | 150 units/day | Paid plan |
| Pro | 300 units/day | Paid plan |
| Team | 600 units/day | Paid plan |
Analysis units depend on input size — a small IAM policy costs 1 unit; large CloudFormation templates cost more. Compare plans →
Use in CI
- name: AI-Powered IAM Analysis
run: |
npm install -g @shieldly/cli
shieldly analyze-iam ./iam-policy.json
env:
SHIELDLY_API_KEY: ${{ secrets.SHIELDLY_API_KEY }}For pull-request gating with PR comments instead of a CLI run, use the Shieldly GitHub Action.
Privacy
Shieldly does not log your policy input. Cache keys are one-way SHA-256 hashes of the input.