PolicyPulse

PolicyPulse is a web app that continuously audits and fixes IAM and resource-policy drift across serverless stacks (AWS Lambda, API Gateway, EventBridge, SQS, DynamoDB). It connects to your cloud accounts, builds an inventory of functions and their effective permissions, and flags risky patterns like wildcard actions, public invoke paths, over-broad roles, and accidental cross-account access. It then generates least-privilege policy patches and pull requests against your IaC repo (Terraform/CDK/CloudFormation), so changes are reviewable and reversible. It also watches for “permission creep” from quick hotfixes and console edits, and can enforce guardrails via CI checks. This is a traditional app with AI-assisted policy suggestions (AI + rules), because pure AI security advice is unreliable without deterministic validation.
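The deterministic side of that "AI + rules" split can be sketched as a rule pass over a single resource policy. This is an added example, not PolicyPulse's code: the `audit` function, the finding names, and the sample policy with its account IDs are assumptions made up for illustration.

```python
# Constructed sample: a Lambda resource policy (account IDs are placeholders).
FN = "arn:aws:lambda:us-east-1:111111111111:function:demo"
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "PublicInvoke", "Effect": "Allow", "Principal": "*",
         "Action": "lambda:InvokeFunction", "Resource": FN},
        {"Sid": "PartnerAdmin", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::222222222222:root"},
         "Action": "lambda:*", "Resource": FN},
        {"Sid": "ApiGateway", "Effect": "Allow",
         "Principal": {"Service": "apigateway.amazonaws.com"},
         "Action": "lambda:InvokeFunction", "Resource": FN,
         "Condition": {"ArnLike": {"AWS:SourceArn":
             "arn:aws:execute-api:us-east-1:111111111111:abc123/*"}}},
    ],
}

def as_list(value):
    """IAM allows a scalar or a list in most fields; normalise to a list."""
    return value if isinstance(value, list) else [value]

def audit(policy, owner_account):
    """Return (sid, finding) pairs for Allow statements matching the rules."""
    findings = []
    for st in as_list(policy.get("Statement", [])):
        if st.get("Effect") != "Allow":
            continue
        sid = st.get("Sid", "<no-sid>")
        # Rule 1: full wildcards only ("*" or "service:*"), not "svc:Get*".
        if any(a == "*" or a.endswith(":*") for a in as_list(st.get("Action", []))):
            findings.append((sid, "wildcard-action"))
        principal = st.get("Principal", {})
        aws = ["*"] if principal == "*" else as_list(principal.get("AWS", []))
        for p in aws:
            if p == "*":
                # Rule 2: anyone may call. Assumption: any Condition counts as
                # scoping; a stricter check would evaluate what it restricts.
                if not st.get("Condition"):
                    findings.append((sid, "public-access"))
            else:
                # Rule 3: principal is an ARN or a bare 12-digit account ID.
                account = p.split(":")[4] if p.startswith("arn:") else p
                if account != owner_account:
                    findings.append((sid, "cross-account"))
    return findings

if __name__ == "__main__":
    for sid, finding in audit(SAMPLE_POLICY, "111111111111"):
        print(f"{sid}: {finding}")
```

Because the rules are plain predicates over the policy document, the same pass can be rerun on a proposed patch to confirm that a finding is gone before the change is merged.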
