IAM Policy Formatter

About This Tool

IAM policy JSON documents often arrive as single-line strings from API responses, CloudTrail logs, or minified infrastructure templates, making them nearly impossible to read or review. This formatter applies consistent indentation, sorts keys in a logical order (Version, Statement, Effect, Action, Resource, Condition), and highlights syntax so you can quickly audit what a policy permits. Readable policies are essential for security reviews because a misplaced wildcard or missing condition is easy to miss in unformatted JSON.

When to Use This Tool

• •Reformatting policy JSON pulled from aws iam get-policy-version CLI output before committing it to version control
• •Preparing IAM policies for team code reviews where consistent formatting reduces cognitive overhead
• •Converting minified inline policies from CloudFormation or Terraform state files into human-readable format
• •Standardizing policy formatting across an organization before importing policies into a policy-as-code repository

Frequently Asked Questions

Does formatting change the behavior of an IAM policy?

No. IAM policy evaluation is based entirely on the JSON structure, not whitespace or key ordering. Formatting only changes visual presentation — the effective permissions remain identical. However, consistent formatting can reveal issues like duplicate statements or overly broad Resource arrays that are hard to spot in compact JSON.

What is the maximum size for an IAM policy document?

AWS enforces different limits depending on the policy type. Managed policies can be up to 6,144 characters, inline policies on users are limited to 2,048 characters, and inline policies on roles and groups are limited to 10,240 characters. These limits apply to the JSON without whitespace, which is why formatting for readability does not affect whether a policy exceeds size limits.

Related Learning Guides

• AWS IAM Best Practices25 min read