diff --git a/iam-dump.py b/iam-dump.py
new file mode 100755
index 0000000..eec3ad6
--- /dev/null
+++ b/iam-dump.py
@@ -0,0 +1,60 @@
+#!/usr/bin/python3
+import boto3
+import jmespath
+import json
+
+# dump user/group/role policies that are attached to at least 1 entity
+
+client = boto3.client('iam')
+
+print("** Users **")
+entity = client.list_users()
+for u in jmespath.search("Users[*].UserName", entity):
+ print(u)
+ policies = client.list_attached_user_policies(UserName=u)
+ name_arn = jmespath.search('AttachedPolicies[*].{PolicyName: PolicyName, PolicyArn: PolicyArn}', policies)
+ for i in name_arn:
+ print("-", i["PolicyName"])
+ with open("Policies/User/"+i["PolicyName"]+'.json', 'w', encoding='utf-8') as f:
+ policy_version = client.get_policy(PolicyArn=i["PolicyArn"])
+ policy_json = client.get_policy_version(PolicyArn=i["PolicyArn"], VersionId=policy_version["Policy"]["DefaultVersionId"])
+ json.dump(policy_json["PolicyVersion"]["Document"], f, ensure_ascii=False, indent=4)
+ inlines = client.list_user_policies(UserName=u)
+ for ip in inlines["PolicyNames"]:
+ print("- (inline)", ip)
+ inline_policy = client.get_user_policy(UserName=u, PolicyName=ip)
+ with open("Policies/User/"+u+"_"+ip+'.json', 'w', encoding='utf-8') as f:
+ json.dump(inline_policy["PolicyDocument"], f, ensure_ascii=False, indent=4)
+
+print("** Groups **")
+entity = client.list_groups()
+for g in jmespath.search("Groups[*].GroupName", entity):
+ print(g)
+ policies = client.list_attached_group_policies(GroupName=g)
+ name_arn = jmespath.search('AttachedPolicies[*].{PolicyName: PolicyName, PolicyArn: PolicyArn}', policies)
+ for i in name_arn:
+ print("-", i["PolicyName"])
+ with open("Policies/Group/"+i["PolicyName"]+'.json', 'w', encoding='utf-8') as f:
+ policy_version = client.get_policy(PolicyArn=i["PolicyArn"])
+ policy_json = client.get_policy_version(PolicyArn=i["PolicyArn"], VersionId=policy_version["Policy"]["DefaultVersionId"])
+ json.dump(policy_json["PolicyVersion"]["Document"], f, ensure_ascii=False, indent=4)
+
+print("** Roles **")
+entity = client.list_roles()
+for r in jmespath.search("Roles[*].RoleName", entity):
+ print(r)
+ policies = client.list_attached_role_policies(RoleName=r)
+ name_arn = jmespath.search('AttachedPolicies[*].{PolicyName: PolicyName, PolicyArn: PolicyArn}', policies)
+ for i in name_arn:
+ print("-", i["PolicyName"])
+ with open("Policies/Role/"+i["PolicyName"]+'.json', 'w', encoding='utf-8') as f:
+ policy_version = client.get_policy(PolicyArn=i["PolicyArn"])
+ policy_json = client.get_policy_version(PolicyArn=i["PolicyArn"], VersionId=policy_version["Policy"]["DefaultVersionId"])
+ json.dump(policy_json["PolicyVersion"]["Document"], f, ensure_ascii=False, indent=4)
+ inlines = client.list_role_policies(RoleName=r)
+ for ip in inlines["PolicyNames"]:
+ print("- (inline)", ip)
+ inline_policy = client.get_role_policy(RoleName=r, PolicyName=ip)
+ with open("Policies/Role/"+r+"_"+ip+'.json', 'w', encoding='utf-8') as f:
+ json.dump(inline_policy["PolicyDocument"], f, ensure_ascii=False, indent=4)
+
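Review bot: Every listing here is a single unpaginated call (`client.list_users()`, `list_groups()`, `list_roles()`, and each `list_attached_*_policies` / `list_*_policies`) whose `IsTruncated` flag is never checked, so an account with more users, roles or attachments than one page returns silently loses the remainder while the output still reads as a complete inventory; switch to the paginators, e.g. `for page in client.get_paginator('list_users').paginate():` followed by `for u in jmespath.search("Users[*].UserName", page):`, and the same for the group, role and per-entity policy listings. The Groups section never calls `list_group_policies` / `get_group_policy`, so inline group policies are not dumped even though the header comment says group policies are covered; the roles' trust policies (`AssumeRolePolicyDocument`, already present in the `list_roles` response) are likewise not written anywhere. Attached-policy files are named by `PolicyName` alone, so a customer-managed policy that happens to share a name with an AWS-managed one would overwrite the earlier file rather than being kept per ARN — including the ARN (or its account segment) in the filename avoids that. Each `with open(...)` is also entered before `get_policy` / `get_policy_version` run, which leaves an empty `.json` behind if the API call raises, and the `Policies/User`, `Policies/Group` and `Policies/Role` directories are assumed to exist, so an `os.makedirs(..., exist_ok=True)` at the top would prevent a FileNotFoundError on first run.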