# Install cliam with Homebrew, Nix

Cloud agnostic IAM permissions enumerator. Version 2.2.0 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:cliam
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install cliam
```

  Evidence: local Homebrew formula metadata

### Linux

- Nix (92%):

```sh
nix profile install nixpkgs#cliam
```

  Evidence: nixpkgs package indexes: pkgs/by-name/cl/cliam/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

## Package facts

- **Package key:** brew:cliam
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/cliam>
- **Version:** 2.2.0
- **Source summary:** Cloud agnostic IAM permissions enumerator
- **Homepage:** <https://github.com/securisec/cliam>
- **Repository:** <https://github.com/securisec/cliam>
- **Upstream docs:** <https://github.com/securisec/cliam#readme>
- **License:** GPL-3.0-or-later
- **Source archive:** <https://github.com/securisec/cliam/archive/refs/tags/2.2.0.tar.gz>
- **Generated:** 2026-07-08T07:18:31+00:00

## Executables

- cliam (cli)
- cliam (alias)

## Build dependencies

- go

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 2.2.0
- Local data: ok
- Upstream repository: https://github.com/securisec/cliam
- Upstream latest detected: 2.2.0 (current)
- info: No package-manager update timestamp was available.
## Project history and usage

cliam is a multi-cloud IAM permissions enumeration CLI for checking what AWS, GCP, Azure, and Firebase credentials can do.

### Project history

The official README presents cliam as a work-in-progress cloud permissions identifier with provider-specific subcommands and both broad enumeration and service-group modes.

### Adoption history

Its Homebrew and Nix packaging puts a security assessment binary into common workstation package managers, useful for operators who want repeatable installs outside a language-specific toolchain.

### How it is used

Users run provider subcommands such as `cliam aws`, `cliam gcp`, or `cliam azure`, supplying credentials through provider environment variables, profiles, service-account paths, or command-line flags.

### Why package nerds care

The package matters as a compact cloud-security CLI: it maps provider credentials to effective permissions without requiring a full security scanner stack.

### Related projects

- The README relates cliam to cloud provider IAM and credential systems for AWS, GCP, Azure, Firebase, and planned Oracle support.

### Sources

- Official GitHub README: cloud-agnostic IAM permissions enumeration, provider coverage, installation, usage, and credential handling.


## Security Notes

infrastructure mutation or orchestration signal.

- **Geiger risk:** orange / medium
- infrastructure mutation or orchestration signal

## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** cliam
- **Version Scheme:** 0
- **Revision:** 0
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Other Package-Manager Records

- Nix - cliam: normalized package name match | nixpkgs package indexes: pkgs/by-name/cl/cliam/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1


## Related links

- [Cloud CLI packages](https://www.automicvault.com/pkg/cloud-clis/) - Belongs to a cloud or infrastructure command family.
- [Source-control packages](https://www.automicvault.com/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Secret-risk packages](https://www.automicvault.com/pkg/secret-risk-packages/) - Has protected-tool coverage, approval-gate, or non-low Geiger security signals.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [go](https://www.automicvault.com/pkg/brew/go/) - Build dependency declared by Homebrew.
- [cloudfox](https://www.automicvault.com/pkg/brew/cloudfox/) - Shares av.db curated category or tags: aws, azure, cli, cloud-security, gcp.
- [principalmapper](https://www.automicvault.com/pkg/brew/principalmapper/) - Shares av.db curated category or tags: aws, cli, cloud-security, iam, security.
- [yatas](https://www.automicvault.com/pkg/brew/yatas/) - Shares av.db curated category or tags: aws, cli, cloud-security, gcp, security.
- [cloudsplaining](https://www.automicvault.com/pkg/brew/cloudsplaining/) - Shares av.db curated category or tags: aws, cli, cloud-security, iam, security.
- [parliament](https://www.automicvault.com/pkg/brew/parliament/) - Shares av.db curated category or tags: aws, cli, cloud-security, iam, security.
- [terraform-iam-policy-validator](https://www.automicvault.com/pkg/brew/terraform-iam-policy-validator/) - Shares av.db curated category or tags: aws, cli, cloud-security, iam, security.
- [trailscraper](https://www.automicvault.com/pkg/brew/trailscraper/) - Shares av.db curated category or tags: aws, cli, cloud-security, iam, security.
- [cfripper](https://www.automicvault.com/pkg/brew/cfripper/) - Shares av.db curated category or tags: aws, cli, cloud-security, security.

## Combined YAML source

View the package source record on GitHub. [combined/cliam.yml](https://github.com/automic-vault/db/blob/main/combined/cliam.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
