AWS Foundational Security Best Practice

IAM.1

IAM policies should not allow full "*" administrative privileges

Severity: HIGH

Cloud Platforms: AWS

Resources: AWS Identity and Access Management

This AWS control checks whether the default version of AWS Identity and Access Management (IAM) policies (also known as customer managed policies) grants administrator access through a statement that has "Effect": "Allow" with "Action": "*" over "Resource": "*". It checks only the customer managed policies that you created; it does not check inline or AWS managed policies.
