The IAM Policy Copilot

Save time and reduce your attack surface by automating the creation of IAM policies for AWS services.

Get notified when is available on GCP or Azure

Backed by:


Accessible with a single command

Bolster your IAM with companion, fully integrated into your development process.


Activate in your workflow with a simple line in your YML


Get least-privilege policies based
on real-time API log activity


Apply remediations in your Terraform file or with ready-to-export JSON

Experts Know Best

Slauth enables teams to focus on delivery and eliminate security risks by automating IAM policy creation. Less to worry about, more to deliver!
Teddy Funger
Formerly Red Hat is exactly what I would have loved to have when deploying AWS infrastructure at Balsamiq a couple of years back! So happy it's here now!
Luis Arias


Automate IAM policy creation

Get relevant IAM recommendations as you code and where you code.

Policy generation in real-time

Shift-left your IAM efforts by creating IAM policies for services as they become ready to be deployed.

Right-sized permissions based on real activity

No more wildcard or guesswork! Deploy only IAM permissions according to the outcomes of your end-to-end tests.

Recommendations directly in your IaC

Forget about AWS console and Access Analyzer. With, IAM recommendations are available where you code, merge and deploy.


Remove IAM blind spots

Unlock IAM analytics to discover how AWS services are being utilized in your environments for maximum efficiency in development and maintenance.

Improved logs for a complete view of your user activity and events

Get rich logs, including data plane observability, with additional context on the origin of API activity and machine-identities activity during the different SDLC stages.

Versioning for better control and early remediation actions

Detect and document IAM changes to detect anomalies early or conduct root cause analysis.

Auditing and reporting features to augment your SIEM

Store and validate your IAM events for compliance with regulations such as SOC, PCI, and HIPAA.

Ready to Get Started?

Free 30 day Trial

Perfect plan to get started

A free plan grants you access to some cool features of Slauth.

200 IAM policies auto-generation

GitLab/GitHub integrations

Multiple AWS accounts

Terraform integration Event Activity Dashboard

Slack support

What is addresses the problem of managing least privilege permissions by simplifying the process of creating and maintaining custom IAM roles and policies.

Our solution offers the following key features:

- Automated Permission Analysis:  analyzes API calls to AWS from your end to end tests and automatically determine the necessary permissions for your automation user based on the specific resources and actions defined in your infrastructure. This eliminates the need for manual analysis and policy creation.

- Custom IAM Role and Policy Generation: Based on the analyzed permissions, generates custom IAM roles and policies tailored to your specific infrastructure requirements. These roles and policies will adhere to the principle of least privilege, granting the automation user access to only the resources and actions necessary to perform its tasks.

- Seamless Integration: Our solution integrates seamlessly with your existing CI/CD pipeline, making it easy to adopt without disrupting your workflow.

What are some of the benefits of using

By using, you can effectively manage least privilege permissions, reducing security risks while streamlining the process of maintaining custom IAM roles and policies.

You can also:
- Reduce the time it takes to set up a new AWS service
- Eliminate the need to manage least privilege permissions manually
- Streamline the process of setting up and maintaining machines identities
- Ensure compliance with corporate security policies

How do I set-up in my CI/CD pipeline?

To get started, simply sign up on our website to generate your workspace. You can also find detailed set-up instructions in our documentation.

During the onboarding process, we'll guide you on how to add to your end-to-end test workflow and authenticate with your unique API key. In fact, it's as easy as adding just one line to your GitHub Actions! 

This action will allow's proxy to be initiated in the background whenever you run your test workflow.

What are the data shared with to generate IAM policies?

All API traffic flows through's proxy but we only keep metadata essential for the creation of the relevant IAM policy. We never capture or share data inside the object. Each event includes data captured from the API call’s HTTP request and response:

- Session Identifier – your unique identifier

- Event Time – when the magic happened

- HTTP Request with:
Target Host – where the request is headedScheme  
HTTP / HTTPS / … – ensuring secure communication
Method – POST / PUT / GET / DELETE / … – the action taken
Path & Query String – the specific location and details
Headers & Body – the essential information for smooth communication

- HTTP Response with:
Status Code – the outcome of your request
Headers – additional response details
Body – only included when the Status Code is 3xx, 4xx, or 5xx – to help you understand and resolve any issues