Why use this tool?
With an over-permissive IAM role assigned to a function, an attacker my leverage an application layer vulnerability in your function to perform lateral movement into other resources in your AWS account. You need to make sure you craft your policies with least privilege in mind.
