IAMTrail is an unofficial AWS change-archiving service maintained by zoph.io in France. Its core goal is to capture silent updates to AWS Managed IAM Policies. The site says it has been archiving since 2019, covering 1575 AWS managed IAM policies, with full version history and diffs. It also extends coverage to endpoint changes, GuardDuty announcements, and AWS Account Lookup.
In terms of protection model, this is not a traditional blocking-style security product, but a monitoring tool focused on cloud security visibility, permission-change auditing, and threat investigation. IAM policy changes are stored in a Git-style history, with Access Analyzer validation, security warnings, best-practice issues, and redundant statements flagged. It can also be combined with privilege-escalation path definitions to review action-level risk overlap. On the endpoint side, it tracks botocore endpoints.json, covering new regions, new services, and service expansions. On the GuardDuty side, it archives SNS announcements. For management and alerting, it supports RSS, daily/weekly email digests, inline diffs, and optional subscriptions to specific policies or all policies.
The page explicitly states “Free - No account needed,” so the value for money is very strong. Its deployment model is closer to a public web data service and subscription feed: there is no need to install an agent in a customer’s AWS account, and there is no visible requirement to authorize access to a user’s cloud environment. Payment methods, enterprise plans, and SLA details are not disclosed.
Its strengths are clear positioning and the ability to fill the visibility gap around silent changes to AWS managed policies. Git history, diffs, RSS, and email digests are practical for security operations. It also integrates context from known_aws_accounts, iam-dataset, pathfinding.cloud, and other sources. The drawbacks are that it is not an official AWS service and should not be treated as the sole source of truth. The site does not provide details on compliance certifications, enterprise support, native SIEM/SOAR integrations, or data residency. Its coverage is primarily focused on AWS, so it cannot replace a multi-cloud CSPM or IAM governance platform.
IAMTrail is suitable for AWS security teams, compliance staff, cloud architects, and ISV/SaaS teams that rely on AWS managed policies. It can be used for permission-change monitoring, early discovery of new services, and investigations involving CloudTrail and trust policies. The main text does not state how well it works from mainland China, and there is no payment information. If access is unstable, alternatives or complementary tools include AWS IAM Access Analyzer, CloudTrail, AWS Config, Security Hub, Prowler, CloudQuery, and Steampipe.
This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site, iamtrail.com.
iamtrail.com is a Switzerland cybersecurity provider. TG4G tracks its product information, an overall rating of 8.0/10, and a China-accessibility score of "China direct-connect friendly."