If you're running multiple AWS accounts, you probably have hundreds of IAM roles with trust policies you've never audited. I built MII to solve this.
What it does:
Scans all IAM roles across your AWS accounts (read-only, uses IAMReadOnlyAccess)
Parses trust policies to find OIDC federations, cross-account trust, wildcard principals
Builds a graph of "who can assume whom"
Scores every role based on risk factors (admin access + OIDC = critical)
Simulates attack paths through the trust chain
Supports AWS Organizations for auto-discovering all accounts
Findings it catches:
OIDC role with AdministratorAccess (any CI/CD pipeline = full admin)
Cross-account trust without ExternalId (confused deputy)
Wildcard principals in trust policies (any AWS identity worldwide can assume)
Unused roles with active trust policies (dormant backdoors)
Self-hosted, MIT licensed, Docker Compose to get started in 5 minutes.
United States
NORTH AMERICA
Related News

Master Local Fine-Tuning with "gemma-trainer"
8h ago
Building a Plugin-Free Newsletter Popup on WordPress: Custom REST Endpoint Mailchimp API v3
9h ago
ภาษาโปรแกรมมิ่งที่ syntax ง่าย ทำให้ AI หลอนน้อยลง จริงหรือ?
9h ago
How I Built a File-Timestamp-Based Feedback Loop to Enforce AI Output Quality
9h ago
GitHub Trending Digest — 2026-07-07
9h ago