AWS Permissive Role Policies
Description
Detects AWS IAM roles that have overly permissive inline policies which could grant excessive privileges. Overly permissive IAM policies can lead to privilege escalation and unauthorized access to AWS resources if the role is compromised.
Detection Strategy
• Scans all IAM roles in the AWS account
• For each role, examines all inline policies attached directly to the role
• Alerts when a role policy contains overly permissive statements like '*' permissions or dangerous actions
• Reports the specific role ARN and policy name that contains dangerous permissions
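The detection strategy above, sketched as an added example (this is not Fluid Attacks' own rule code). In a live account the input would come from the IAM ListRoles, ListRolePolicies and GetRolePolicy APIs; here it is constructed sample data. The `DANGEROUS_ACTIONS` set and the `NotAction` check are assumptions, since the page does not enumerate which actions count as dangerous.

```python
# Assumption: illustrative "dangerous actions"; the page does not list them.
DANGEROUS_ACTIONS = {"iam:*", "iam:passrole", "iam:putrolepolicy", "iam:attachrolepolicy"}

def _as_list(value):
    """IAM accepts a single string/object wherever a list is valid."""
    return value if isinstance(value, list) else ([] if value is None else [value])

def permissive_reasons(policy_document):
    """Return the reasons an inline policy document is overly permissive."""
    reasons = []
    for stmt in _as_list(policy_document.get("Statement")):
        if stmt.get("Effect") != "Allow" or "*" not in _as_list(stmt.get("Resource")):
            continue  # Deny statements and resource-scoped statements are skipped
        if "NotAction" in stmt:
            reasons.append("Allow with NotAction on Resource '*'")
        for action in _as_list(stmt.get("Action")):
            if action == "*":
                reasons.append("Action '*' on Resource '*'")
            elif action.lower() in DANGEROUS_ACTIONS:  # IAM actions are case-insensitive
                reasons.append(f"dangerous action {action} on Resource '*'")
    return reasons

def scan_roles(roles):
    """roles: {role_arn: {policy_name: policy_document}} -> [(arn, policy, reason)]."""
    return [(arn, name, reason)
            for arn, policies in roles.items()
            for name, document in policies.items()
            for reason in permissive_reasons(document)]

# Constructed sample data: account ID, role names and policy names are made up.
SAMPLE_ROLES = {
    "arn:aws:iam::111122223333:role/ci-deployer": {
        "admin-inline": {"Version": "2012-10-17", "Statement": {"Effect": "Allow", "Action": "*", "Resource": "*"}},
        "read-bucket": {"Version": "2012-10-17", "Statement": [{"Effect": "Allow", "Action": ["s3:GetObject"], "Resource": "arn:aws:s3:::example-bucket/*"}]},
    },
    "arn:aws:iam::111122223333:role/app-runtime": {
        "pass-any-role": {"Version": "2012-10-17", "Statement": [{"Effect": "Allow", "Action": ["iam:PassRole", "logs:PutLogEvents"], "Resource": ["*"]}]},
    },
}

if __name__ == "__main__":
    for finding in scan_roles(SAMPLE_ROLES):
        print(finding)
```

Each finding carries the role ARN and the inline policy name, matching what the rule reports.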