AWS Group Permissive Inline Policies
Description
Detects AWS IAM groups that have inline policies with overly permissive permissions. Inline policies attached directly to IAM groups that grant broad or unrestricted access create security risks by potentially allowing excessive privileges to group members.
Detection Strategy
• Scans all IAM groups in the AWS account for inline policies
• Triggers when an inline policy attached to a group contains overly permissive statements like '*' in actions or resources
• Examines each inline policy document for dangerous permissions that grant broad access across AWS services
• Reports vulnerabilities at the individual policy level, identifying which group and policy contains excessive permissions
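The strategy above can be sketched as follows. This is an added example, not Fluid Attacks' own implementation. It assumes the inline policy documents have already been retrieved (for instance through IAM's ListGroupPolicies and GetGroupPolicy APIs). The function names, the sample data and the rule that also treats service-wide actions such as 'iam:*' as wildcards are assumptions made for illustration.

```python
import json

def as_list(value):
    """IAM accepts a single string/object wherever a list is also valid."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def statement_reasons(stmt):
    """Return why an Allow statement is overly permissive (empty list if not)."""
    if stmt.get("Effect") != "Allow":
        return []  # Deny statements restrict access, so they are not reported
    reasons = []
    for action in as_list(stmt.get("Action")):
        # "*" is every action; "svc:*" (assumed rule) is every action in one service
        if action == "*" or action.endswith(":*"):
            reasons.append(f"wildcard action {action!r}")
    if "*" in as_list(stmt.get("Resource")):
        reasons.append("wildcard resource '*'")
    return reasons

def scan_group_inline_policies(groups):
    """groups: {group_name: {policy_name: policy_document (dict or JSON str)}}.
    Returns one finding per (group, policy), mirroring policy-level reporting."""
    findings = []
    for group, policies in sorted(groups.items()):
        for name, doc in sorted(policies.items()):
            doc = json.loads(doc) if isinstance(doc, str) else doc
            reasons = []
            for stmt in as_list(doc.get("Statement")):
                reasons.extend(statement_reasons(stmt))
            if reasons:
                findings.append({"group": group, "policy": name, "reasons": reasons})
    return findings

# Constructed sample data (hypothetical groups and policies, not from a real account)
SAMPLE_GROUPS = {
    "developers": {
        "admin-shortcut": {"Version": "2012-10-17", "Statement": {"Effect": "Allow", "Action": "*", "Resource": "*"}},
        "read-reports": {"Version": "2012-10-17", "Statement": [{"Effect": "Allow", "Action": ["s3:GetObject"], "Resource": "arn:aws:s3:::example-reports/*"}]},
    },
    "auditors": {
        "deny-all-iam": '{"Version":"2012-10-17","Statement":[{"Effect":"Deny","Action":"iam:*","Resource":"*"}]}',
    },
}

if __name__ == "__main__":
    for f in scan_group_inline_policies(SAMPLE_GROUPS):
        print(f"{f['group']}/{f['policy']}: {', '.join(f['reasons'])}")
```

Only the developers/admin-shortcut policy is reported: the scoped S3 read policy and the Deny statement on the auditors group produce no finding.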