Comment by slalmeidabbm

We're currently focusing on a full shift-left approach to policy creation. Using AWS/GCP logs to create policies would work very well but it would need a few things to happen:

1. The service needs to be deployed 2. To produce an actual result, the calls that make use of the sdk need to be triggered

This is something that would be better included as an addition to monitor policy usage and adjust.