Within the Security Hardening initiative, we introduced an Access as Code approach to managing AWS permissions. Each repository is assigned a dedicated IAM role whose permissions follow the principle of least privilege. Role management is centralized in a single repository, where each service is defined in one YAML file. Every change goes through a pull request and approval, after which Terraform and Atlantis automatically create or update the IAM roles. As a result, we achieved scalable, auditable, and secure access management without giving engineering teams direct access to AWS.
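The following is an added illustration of the pipeline described above; it is not BetterMe's or Solidify's code. It assumes a `services/` directory in the central repository with one YAML file per service, a YAML schema (`repository`, `statements` with `sid`, `actions`, `resources`) chosen here for the example, GitHub Actions OIDC as the way a repository's workflows assume their role (the abstract does not say which identity mechanism is used), and an existing OIDC provider passed in as `github_oidc_provider_arn`. The `terraform_data` precondition adds a plan-time guardrail so that a pull request granting wildcard actions or resources fails in Atlantis before any role is changed.

```hcl
# Added example (not the team's code). Assumed layout: one YAML file per service under
# services/, e.g. services/billing-api.yaml (constructed sample):
#
#   repository: example-org/billing-api
#   statements:
#     - sid: ReadConfig
#       actions: ["s3:GetObject"]
#       resources: ["arn:aws:s3:::example-billing-config/*"]
#
# Requires Terraform 1.4+ (terraform_data) and the AWS provider.

variable "github_oidc_provider_arn" {
  description = "ARN of the IAM OIDC provider for token.actions.githubusercontent.com (assumed to exist)"
  type        = string
}

locals {
  # service name => decoded YAML, one entry per file in services/
  services = {
    for f in fileset("${path.module}/services", "*.yaml") :
    trimsuffix(f, ".yaml") => yamldecode(file("${path.module}/services/${f}"))
  }
}

# Guardrail: reject wildcard actions or resources at plan time, so a PR cannot grant "*".
resource "terraform_data" "least_privilege_check" {
  for_each = local.services

  lifecycle {
    precondition {
      condition = alltrue([
        for s in each.value.statements :
        !contains(s.actions, "*") && !contains(s.resources, "*")
      ])
      error_message = "Service ${each.key}: wildcard actions or resources are not allowed."
    }
  }
}

# Trust policy: only workflows from this service's own repository may assume the role.
data "aws_iam_policy_document" "trust" {
  for_each = local.services

  statement {
    actions = ["sts:AssumeRoleWithWebIdentity"]
    principals {
      type        = "Federated"
      identifiers = [var.github_oidc_provider_arn]
    }
    condition {
      test     = "StringEquals"
      variable = "token.actions.githubusercontent.com:aud"
      values   = ["sts.amazonaws.com"]
    }
    condition {
      test     = "StringLike"
      variable = "token.actions.githubusercontent.com:sub"
      values   = ["repo:${each.value.repository}:*"]
    }
  }
}

# Permissions policy rendered one statement per YAML entry.
data "aws_iam_policy_document" "permissions" {
  for_each = local.services

  dynamic "statement" {
    for_each = each.value.statements
    content {
      sid       = statement.value.sid
      effect    = "Allow"
      actions   = statement.value.actions
      resources = statement.value.resources
    }
  }
}

resource "aws_iam_role" "service" {
  for_each           = local.services
  name               = "svc-${each.key}"
  assume_role_policy = data.aws_iam_policy_document.trust[each.key].json
  tags = {
    ManagedBy  = "access-as-code"
    Repository = each.value.repository
  }
}

resource "aws_iam_role_policy" "service" {
  for_each = local.services
  name     = "least-privilege"
  role     = aws_iam_role.service[each.key].id
  policy   = data.aws_iam_policy_document.permissions[each.key].json
}
```

With Atlantis configured on the central repository, every pull request that adds or edits a file under `services/` produces a `terraform plan` comment on the PR showing exactly which role and policy statements change; after approval, `atlantis apply` creates or updates the role, and the merged YAML plus the PR history form the audit trail. Adding a new service is a one-file change, and the role's trust policy ties it to a single repository, so no engineer needs console or CLI access to AWS.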
Oleksii Milchenko (DevOps Engineer, BetterMe),
Stanislav Lebedenko (Cloud Architect, Solidify AB),