IAM Policy Minifier

About This Tool

AWS enforces strict character limits on IAM policy documents — 6,144 characters for managed policies and as low as 2,048 for user inline policies. When policies grow complex with many actions, resources, and conditions, you can hit these limits quickly. The IAM Policy Minifier strips all unnecessary whitespace and provides a before/after size comparison so you can see exactly how many characters you have recovered and whether your policy fits within the applicable limit.

When to Use This Tool

• •Shrinking a managed policy that has exceeded the 6,144-character limit after adding new permissions
• •Reducing inline policy size for IAM users where the 2,048-character limit is particularly restrictive
• •Comparing minified size against AWS limits before deploying via CloudFormation or Terraform to avoid deployment failures
• •Optimizing policies stored in DynamoDB or SSM Parameter Store where smaller payloads reduce read costs

Frequently Asked Questions

How does AWS count characters in IAM policies?

AWS counts the policy document after removing all whitespace — spaces, tabs, and newlines are excluded. This means a pretty-printed 8,000-character policy might actually be only 4,500 characters as far as AWS limits are concerned. The minifier shows you the exact count AWS would calculate, so you know your true margin.

What strategies exist beyond minification to reduce policy size?

If minification alone is not enough, you can use wildcard actions (s3:Get* instead of listing every Get action), combine similar statements, use policy variables like ${aws:username} to reduce duplicate statements per user, or split the policy into multiple managed policies (up to 10 can be attached to a single role). Moving from inline to managed policies also gives you a higher character limit.

Related Learning Guides

• AWS IAM Best Practices25 min read