iam-policy-autopilot

Name: iam-policy-autopilot
Rating: 2.5 (359 reviews)
Author: awslabs

by awslabs·★ 359·Score 50

AWS IAM Policy Autopilot helps AI coding assistants create baseline IAM policies through code analysis.

developer-toolssecurityops-infra

Forks

Open issues

this month

Last commit

2d ago

Indexed

Overview

IAM Policy Autopilot is a Rust-based MCP server and CLI tool that analyzes application code to generate identity-based AWS IAM policies. It supports multiple programming languages including Python, Go, TypeScript, JavaScript, and Java. The tool accelerates development by providing reliable, up-to-date baseline policies that reduce access troubleshooting time. It integrates with AI coding assistants through the Model Context Protocol, enabling automatic policy generation during development workflows.

Try asking AI

After installing, here are 5 things you can ask your AI assistant:

you:AI coding assistants generating IAM policies during application development

you:Security teams creating baseline policies for AWS applications

you:DevOps teams automating IAM policy creation in CI/CD pipelines

you:Which programming languages does IAM Policy Autopilot support?

you:How can I improve policy accuracy?

When to choose this

Choose this when developing AWS applications with multiple languages and want to automate IAM policy generation with AI coding assistants.

When NOT to choose this

Don't choose this if you need resource-based policies (like S3 bucket policies) or are working with non-AWS environments.

Tools this server exposes

2 tools extracted from the README

generate-policies
Generate IAM policies from source code analysis
fix-access-denied
Fix AccessDenied errors by analyzing and optionally applying policy adjustments

Note: Inferred from CLI usage section which mentions commands but doesn't explicitly list MCP tool names

Comparable tools

aws-iam-policy-generator-cliterraform-aws-iam-policyaws-iam-policy-simulator

Installation

Using uv (Recommended)

Install [uv](https://docs.astral.sh/uv/getting-started/installation/) from Astral.

No additional installation needed - you can run IAM Policy Autopilot directly using uvx iam-policy-autopilot.

Using pip

Install [pip](https://pip.pypa.io/en/stable/installation/).

pip install iam-policy-autopilot

MCP Server Configuration

For Claude Desktop:

{
  "mcpServers": {
    "iam-policy-autopilot": {
      "command": "iam-policy-autopilot",
      "args": ["mcp-server"],
      "env": {
        "AWS_PROFILE": "your-profile-name",
        "AWS_REGION": "us-east-1"
      }
    }
  }
}

FAQ

Which programming languages does IAM Policy Autopilot support?: It supports Python, Go, TypeScript, JavaScript, and Java applications using AWS SDKs.
How can I improve policy accuracy?: Use the --service-hints option to specify only the AWS services your application actually uses.

Compare iam-policy-autopilot with

iam-policy-autopilot vs mcp-server-chart iam-policy-autopilot vs everything iam-policy-autopilot vs filesystem iam-policy-autopilot vs time iam-policy-autopilot vs sequentialthinking

GitHub →

Last updated 2026-05-17 · Auto-generated from public README + GitHub signals.