
IAM.21

IAM customer managed policies that you create should not allow wildcard actions for services

Severity: LOW
Cloud Platforms: AWS
Resources: AWS Identity and Access Management
Related Standards: AWS Foundational Best Practice, NIST.800-53.r5
Automated:

This control checks whether IAM identity-based custom policies have Allow statements that grant permissions for all actions on a service. The control fails if any policy statement includes "Effect": "Allow" with "Action": "Service:*".
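
A sketch of the check described above, added here as an illustration; it is not AWS's or Security Hub's own implementation. The function names and both sample policies are constructed, and it assumes that only a full `service:*` action in an Allow statement counts, so partial wildcards such as `s3:List*` and Deny statements are not flagged.

```python
import json


def _as_list(value):
    """IAM accepts either a single item or a list for Statement and Action."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def wildcard_service_actions(policy_document):
    """Return (statement_index, action) pairs matching the failing pattern:
    "Effect": "Allow" together with an action of the form "service:*"."""
    if isinstance(policy_document, str):
        policy_document = json.loads(policy_document)
    findings = []
    for idx, stmt in enumerate(_as_list(policy_document.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements do not grant permissions
        for action in _as_list(stmt.get("Action")):
            service, sep, name = action.partition(":")
            # Assumption: only the whole-service wildcard is in scope here.
            if sep and service and name == "*":
                findings.append((idx, action))
    return findings


def passes_control(policy_document):
    """True when no Allow statement grants every action of a service."""
    return not wildcard_service_actions(policy_document)


# Constructed sample policies (not taken from any real account).
FAILING_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject", "s3:*"], "Resource": "*"},
        {"Effect": "Deny", "Action": "ec2:*", "Resource": "*"},
    ],
}
PASSING_POLICY = {
    "Version": "2012-10-17",
    "Statement": {
        "Effect": "Allow",
        "Action": ["s3:GetObject", "s3:List*"],
        "Resource": "arn:aws:s3:::example-bucket/*",
    },
}

if __name__ == "__main__":
    for name, doc in (("failing", FAILING_POLICY), ("passing", PASSING_POLICY)):
        print(name, passes_control(doc), wildcard_service_actions(doc))
```

Running the same function over each customer managed policy's default version document in a pre-deployment review surfaces the offending statement index, which makes it easier to replace `service:*` with the specific actions the workload needs.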
