AWS Full SSM Access
Description
Detects IAM policies that grant unrestricted access to AWS Systems Manager (SSM) through wildcard permissions (ssm:*). Full SSM access is high-risk because it allows complete control over instance management, command execution, and Parameter Store access, which could be exploited for unauthorized system access.
Detection Strategy
• Analyzes each IAM policy document and its statements
• Identifies policies where Effect is "Allow" and Action includes "ssm:*"
• Reports a vulnerability when a policy grants unrestricted SSM access through wildcard permissions
• Captures the specific policy ARN and statement location where overly permissive SSM access is granted
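
The strategy above, sketched as an added Python example (not Fluid Attacks' own code). The policy ARNs and documents are constructed samples and the function names are hypothetical. It also accepts the single-object Statement and string Action forms that IAM allows, and compares action names case-insensitively, as IAM does.

```python
import json

# Constructed sample policies (ARNs and contents are illustrative only).
SAMPLE_POLICIES = {
    "arn:aws:iam::123456789012:policy/example-ops-admin": json.dumps({
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": ["s3:GetObject"], "Resource": "*"},
            {"Effect": "Allow", "Action": ["ec2:Describe*", "SSM:*"], "Resource": "*"},
        ],
    }),
    "arn:aws:iam::123456789012:policy/example-ssm-readonly": json.dumps({
        "Version": "2012-10-17",
        "Statement": {"Effect": "Allow",
                      "Action": ["ssm:GetParameter", "ssm:DescribeInstanceInformation"],
                      "Resource": "*"},
    }),
    "arn:aws:iam::123456789012:policy/example-ssm-deny": json.dumps({
        "Version": "2012-10-17",
        "Statement": [{"Effect": "Deny", "Action": "ssm:*", "Resource": "*"}],
    }),
}


def as_list(value):
    """IAM accepts a single object or string wherever a list is valid."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def find_full_ssm_access(policy_arn, policy_json):
    """Return one finding per Allow statement whose Action includes ssm:*."""
    findings = []
    document = json.loads(policy_json)
    for index, statement in enumerate(as_list(document.get("Statement"))):
        if statement.get("Effect") != "Allow":
            continue  # Deny statements do not grant access
        # IAM matches action names case-insensitively, so normalize first.
        actions = [a.lower() for a in as_list(statement.get("Action")) if isinstance(a, str)]
        if "ssm:*" in actions:
            findings.append({"policy_arn": policy_arn, "statement_index": index})
    return findings


def scan(policies):
    """Run the check over a mapping of policy ARN -> policy document JSON."""
    return [f for arn, doc in policies.items() for f in find_full_ssm_access(arn, doc)]


if __name__ == "__main__":
    for finding in scan(SAMPLE_POLICIES):
        print(finding)
```

Only the second statement of the first sample is reported: the read-only policy lists specific actions, and the third uses ssm:* under Deny.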