AWS Identity and Access Manager (IAM) Access Analyzer now provides custom policy checks to validate that IAM policies adhere to your security standards ahead of deployments. Custom policy checks use the power of automated reasoning—security assurance backed by mathematic proof— to help security teams proactively detect nonconformant updates to policies. For example, IAM policy changes that are more permissive than their previous version. Security teams can use these checks to streamline their reviews, automatically approving policies that conform with their security standards, and inspecting more deeply when they don’t. This new kind of validation provides you higher security assurance in the cloud.
Source:: Amazon AWS