Posted On: Sep 10, 2015

Today, AWS Identity and Access Management added two new APIs that enable you to automate validation and auditing of permissions for your IAM users, groups, and roles. The iam:SimulatePrincipalPolicy API allows you to programmatically audit permissions in your account and validate a specific user’s permissions. The iam:SimulateCustomPolicy provides a way to verify a new policy before applying it. These new APIs provide programmatic access to the IAM policy simulator, which allows you to test the effects of IAM access control policies before committing them into production using the AWS CLI or any AWS SDK.

To learn more, visit the AWS Security Blog and the API documentation.