Guardrail for AWS Console is a browser extension that warns before destructive actions in the AWS Management Console. It runs entirely on your device. It has no backend, no account, and no tracking — it does not send any data to us or to anyone else, and it does not read your AWS session cookie.
chrome.storage) and synced across
your own signed-in browser profile by the browser itself. We never receive it.Nothing. The extension makes no network requests to any server we operate — there is no license check, no analytics, and no telemetry. Your AWS resources, account contents, credentials, and session cookie are never read for collection and never leave your browser; the guardrail and banner operate purely on the page in front of you.
To decide whether to guard the current account, the extension reads the visible 12-digit AWS account ID from the Console page DOM (the same number AWS shows you in the top-right account menu). It does not access your AWS session cookie, your IAM credentials, or any AWS API. The ID stays on your device — it is matched against your locally-stored prod / safe lists and used to label the on-screen banner.
The popup contains a link to an external waitlist form. It opens in a new tab only if you click it. Anything you choose to enter there is handled by that form’s provider under their privacy policy — not by this extension.
The extension requests only storage (to save your settings) and access to
console.aws.amazon.com and its subdomains (so it can show the environment banner
and the confirmation dialog on those pages). It does not request
cookies, webRequest, or any access to other sites, and it loads no
remote code — all code is bundled in the package and the source is on GitHub.
Local settings remain until you remove the extension or clear its storage. Because nothing is stored on our side, there is nothing for us to delete. Questions: cowijin@protonmail.com.
If this policy changes, we will update the date above and post the revised version at this URL.