🌰 How we access your AWS account

Plain-language summary of what Savings Squirrel Copilot can and can't do once you connect an account.

Read-only, by construction

You connect your AWS account by deploying a CloudFormation template we generate for you. It creates one IAM role with a fixed, read-only permission set — we never ask for write access, and there is no way for us to request broader permissions later without you deploying a new template. Today that permission set is:

External ID, not a shared secret

The trust policy requires a random, per-account external ID (the cross-account access pattern AWS itself recommends) — nobody else can assume the role, even if they guessed our account ID.

Where it runs

Account scanning runs in AWS us-east-1; this site runs on Vercel. Findings are stored in a dedicated Postgres database; nothing is shared with or sold to third parties.

What we haven't done yet

We're an early-stage product and don't have a SOC 2 report yet — that's a multi-month undertaking we're deliberately deferring until it's actually warranted. If a formal audit is a hard requirement for your organization today, tell us — it changes our timeline.

← Back