Aws Full Ssm Access

Description

Detects IAM policies that grant unrestricted access to AWS Systems Manager (SSM) through wildcard permissions (ssm:*). Full SSM access is high-risk as it allows complete control over instance management, command execution, and parameter store access which could be exploited for unauthorized system access.

Weakness:

031 - Excessive privileges - AWS

Category: Access Subversion

Detection Strategy

• Analyzes each IAM policy document and its statements

• Identifies policies where Effect is "Allow" and Action includes "ssm:*"

• Reports a vulnerability when a policy grants unrestricted SSM access through wildcard permissions

• Captures the specific policy ARN and statement location where overly permissive SSM access is granted

Free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.