Skip to main content Link Menu Expand (external link) Document Search Copy Copied

Security

Wut.Dev is a read-only, privacy-focused, client-side resource explorer and debugging tool for viewing your AWS resources. There are no ads or third-party hosted libraries or trackers. The AWS JavaScript SDK is used to make API calls directly to AWS from your browser. Wut.Dev does not proxy AWS calls; you can verify this by opening your browser’s network panel and monitoring the network requests made to AWS.

Note: In lieu of third party analytics, Wut.Dev maintains its own opt-in (disabled by default) lightweight endpoint to collect anonymous usage stats that help us improve the service. See: Usage Stats below for more details.

Summary

We collect as little information as possible to provide this service and have engineered it to work entirely within your browser, without any server-side components or dependencies that would require us to store or process your data.

Credential Management

When you enter your AWS credentials (access key, secret, and session token) on wut.dev, they are cached in your browser’s local storage so that they persist after a page refresh. Credentials are never sent elsewhere, and are used solely by the AWS SDK to sign API calls made to AWS endpoints.

AWS Permissions

Wut.Dev uses the identity of the credentials you enter, meaning it has whatever AWS permissions belong to that IAM entity. Picture it as the AWS CLI, just in your browser.

For Organization-related features, the IAM entity you create for wut.dev must have access to the following AWS APIs in your Organization management account. We recommend using organizations:list* and organizations:describe*.

  • organizations:listAccountsForParent
  • organizations:listTagsForResource
  • organizations:listOrganizationalUnitsForParent
  • organizations:listRoots
  • organizations:listPolicies
  • organizations:listTargetsForPolicy
  • organizations:describeOrganization
  • organizations:describePolicy

Additionally, to debug IAM access issues, Wut.Dev uses the following API calls:

  • organizations.listParents
  • organizations.describeAccount
  • iam.listAccountAliases
  • organizations.listPoliciesForTarget
  • iam.getRole
  • iam.getUser
  • iam.listAttachedUserPolicies
  • iam.getPolicy
  • iam.getPolicyVersion
  • iam.simulatePrincipalPolicy
  • cloudtrail.lookupEvents

To assume the Wut.Dev role in member accounts, the management account role must also be given sts:Assume role permission on the resource arn:aws:iam::*:role/WutDotDevAccessRole.

Web Dependencies

Several dependencies are used on Wut.Dev:

These dependencies are minified and served from wut.dev’s domain. There are no third-party hosted dependencies.

Usage Stats

Wut.Dev maintains a lightweight stats service, designed to help us improve the service by determining the pages and features with the highest usage. You can see the stats script, in its entirety, here.

This script collects the following information:

  • The page path (e.g., / or /aws) but not any parameters or query strings
  • The AWS service namespace (e.g., acm certificates)
  • Count of resources (e.g., 120)
  • Whether “Demo Mode” is enabled (e.g., true)
  • Time on page (e.g., 4000ms)
  • The license key, if entered
  • The timestamp and a UUID for session correlation

We do not collect any data about your cloud resource configurations, notes that you’ve saved on Wut.Dev, exported data, or any cloud resource identifiers or account IDs.

While we’d appreciate you enabling stats, and use it to make site improvements, usage stats are disabled by default. You can enable them by clicking “Config” in the site footer and scrolling down to “Usage Stats” and toggling to enable.

Privacy

When you access wut.dev, your IP address and user agent may be logged by our CDN (AWS CloudFront). If usage stats are enabled (see above) we also log the information specified.

If you choose to enter your email address to receive updates, this information is recorded by Google Forms. We do not sell, rent, lease, or otherwise reveal your information to any other parties unless required by law.

Wut.Dev is not affiliated with, endorsed by, or in any way associated with AWS. AWS is a registered trademark of Amazon.com, Inc. Your use of Wut.Dev is your responsibility. We are not responsible for any damages or losses that may occur as a result of using this site. By using this site, you agree to indemnify and hold harmless the site owner and its affiliates from any claims, damages, or losses that may occur as a result of using this site.


Copyright 2025 • Wut.Dev