Terraform Allow Notprincipal Trust Policy
Description
Identifies AWS IAM roles that use NotPrincipal in their trust policy, a high-risk configuration that can grant excessive permissions. NotPrincipal is dangerous in a trust policy because an Allow statement written with it explicitly excludes only the listed principals and allows every other principal to assume the role, which creates an overly permissive access policy that violates the principle of least privilege.
Detection Strategy
• Check Terraform configuration files for aws_iam_role resource definitions
• Analyze the role's trust policy (assume role policy) for NotPrincipal statements
• Report a vulnerability if an IAM role uses NotPrincipal in its trust policy as this indicates overly permissive access control
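The detection strategy above, as an added example that is not part of the original page or of Fluid Attacks' own scanner: it reads the planned_values section of a `terraform show -json` plan, walks every module, parses each aws_iam_role's assume_role_policy document and reports the statements that use NotPrincipal together with their Effect. The plan data is a constructed sample whose role names mirror the page's examples; the account ID in it is a placeholder.

```python
import json

# Constructed sample shaped like the planned_values section of `terraform show -json`;
# role names mirror the page's examples, the account ID is a placeholder.
SAMPLE_PLAN = {"planned_values": {"root_module": {"resources": [
    {"address": "aws_iam_role.vulnerable_role", "type": "aws_iam_role",
     "values": {"assume_role_policy": json.dumps({
         "Version": "2012-10-17",
         "Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole",
                        "NotPrincipal": {"AWS": "arn:aws:iam::111111111111:root"}}]})}},
    {"address": "aws_iam_role.secure_role", "type": "aws_iam_role",
     "values": {"assume_role_policy": json.dumps({
         "Version": "2012-10-17",
         "Statement": [{"Effect": "Allow", "Action": "sts:AssumeRole",
                        "Principal": {"Service": "ec2.amazonaws.com"}}]})}},
]}}}

def iter_resources(module):
    """Walk a plan module and every nested child module."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)

def notprincipal_statements(policy_doc):
    """Statements using NotPrincipal; Statement may be a single object or a list."""
    statements = policy_doc.get("Statement", [])
    if isinstance(statements, dict):
        statements = [statements]
    return [s for s in statements if "NotPrincipal" in s]

def find_notprincipal_roles(plan):
    """(address, Effect) for each aws_iam_role whose trust policy uses NotPrincipal."""
    findings = []
    for res in iter_resources(plan["planned_values"]["root_module"]):
        if res.get("type") != "aws_iam_role":
            continue
        raw = res.get("values", {}).get("assume_role_policy")
        if not isinstance(raw, str):  # absent, or unknown until apply
            continue
        try:
            doc = json.loads(raw)
        except json.JSONDecodeError:
            continue
        for stmt in notprincipal_statements(doc):
            findings.append((res["address"], stmt.get("Effect")))
    return findings
```

Run it against a real plan with `json.load(open("plan.json"))` in place of SAMPLE_PLAN; the Effect is reported so that an Allow (the pattern this check targets) can be triaged apart from a Deny.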
Vulnerable code example
resource "aws_iam_role" "vulnerable_role" {
  name = "vulnerable_role"
  # Vulnerable: uses NotPrincipal, which allows every principal except the one listed
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect = "Allow"
        Action = "sts:AssumeRole"
        NotPrincipal = {
          AWS = "arn:aws:iam::111111111111:root" # placeholder account ID
        }
      }
    ]
  })
}
✅ Secure code example
resource "aws_iam_role" "secure_role" {
  name = "secure_role"
  # Secure: uses Principal to explicitly allow only the EC2 service
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect = "Allow"
        Action = "sts:AssumeRole"
        Principal = {
          Service = "ec2.amazonaws.com"
        }
      }
    ]
  })
}