2025-07-01, Room 1
In AWS, Identity and Access Management (IAM) policies are the foundation of access control throughout the cloud. The complexity and expressiveness of these policies present significant challenges to cloud security professionals when it comes to modeling access and answering basic questions such as "who can access this resource?" or "what are the effects of this policy change?"
This presentation will walk practitioners through a three-part journey:
* Introducing new OSS building blocks which can remove the guesswork of writing IAM policies
* Using these building blocks to uplevel several cloud security pillars
* Frameworks to simplify and distill the nuance of cloud access into insights for builders and leaders at their own companies
This talk will include the release of the above open source tooling to support and facilitate the approaches it presents.
Nick is a security professional who loves an engineering-first approach to all things cloudsec. He has experience ranging from wrangling the world's largest cloud deployments to securing a single EC2 at nonprofits, and most things in between. He is currently a security software engineer at Netflix.