Shieldly CLI

Analyze AWS IAM policies and CloudFormation templates for security risks from any terminal, shell script, or CI/CD pipeline.

Install

npm install -g @shieldly/cli

Try it free — no account needed

Both analyze-iam and analyze-cf run in demo mode without an API key (5 free analyses, no signup required):

shieldly analyze-iam policy.json
shieldly analyze-cf template.yaml

Commands

CommandDescription
shieldly analyze-iam <policy-file>Analyze an IAM policy for security issues
shieldly analyze-cf <template-file>Analyze a CloudFormation template
shieldly api-keys list|create|revokeManage API keys
shieldly completion bash|zsh|installShell completion

Global options

OptionDescription
--api-key <key>API key (or set SHIELDLY_API_KEY)
--versionShow version
-h, --helpShow help

Free tier

ModeLimitRequires
Demo (no key)5 analyses totalNo account
Free account20 units/dayFree sign-up
Builder150 units/dayPaid plan
Pro300 units/dayPaid plan
Team600 units/dayPaid plan

Analysis units depend on input size — a small IAM policy costs 1 unit; large CloudFormation templates cost more. Compare plans →

Use in CI

- name: AI-Powered IAM Analysis
  run: |
    npm install -g @shieldly/cli
    shieldly analyze-iam ./iam-policy.json
  env:
    SHIELDLY_API_KEY: ${{ secrets.SHIELDLY_API_KEY }}

For pull-request gating with PR comments instead of a CLI run, use the Shieldly GitHub Action.

Privacy

Shieldly does not log your policy input. Cache keys are one-way SHA-256 hashes of the input.