top of page
< Back

AWS Foundational Security Best Practice

IAM.21

IAM customer managed policies that you create should not allow wildcard actions for services

Severity

Cloud Platforms

Resources

LOW

AWS

AWS Identity and Access Management

This control checks whether the IAM identity-based custom policies have Allow statements that grant permissions for all actions on a service. The control fails if any policy statement includes Effect": "Allow" with "Action": "Service:*"."

6pl org white ai logo.png

(C) Copyright 2023 6PILLARS CLOUD AUTOMATION PTY LTD

bottom of page