Lightweight Python CLI tool that scans AWS IAM policy JSON files for overly permissive statements and maps findings to CJIS v6.0, FedRAMP, and NIST 800-53 compliance controls.

Automated AWS compliance guardrails using Service Control Policies and CloudFormation. Controls enforce audit log protection, encryption at rest, boundary protection, and least functionality, mapped to CJIS Security Policy v6.0, FedRAMP High baseline, and NIST 800-53 Rev. 5.

Event-driven compliance monitoring and auto-remediation using AWS Config, EventBridge, Lambda, and SSM. Maps to NIST 800-53, FedRAMP High, and CJIS v6.0 controls.