IAM.1
IAM policies should not allow full "*" administrative privileges
Severity: HIGH
Cloud Platforms: AWS
Resources: AWS Identity and Access Management
Related Standards: AWS CIS Foundations v1.2 & v1.4, AWS Foundational Best Practice, AWS Well-Architected, AWS Foundational Technical Review, PCI DSS v3.2.1, CDR, ISO27001, SOC2, NIST CSF, NIST.800-53.r5
Automated: YES
This AWS control checks that the default version of each AWS Identity and Access Management (IAM) policy (also known as a customer managed policy) does not grant administrator access through a statement that has "Effect": "Allow" with "Action": "*" over "Resource": "*". It checks only the customer managed policies that you created; it does not check inline policies or AWS managed policies.