Excessive privileges - Wildcards
Description
- Privileges are granted with wildcard (*) in critical actions.
- Many roles have unnecessary privileges over IAM.
- Some write actions allow the use of wildcards (*).
Impact
Perform sensitive actions through roles that should not have that privilege.
Recommendation
Grant privileges strictly to the roles that need them.
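The following Python checker is an added example, not part of the original catalog entry or of any scanner the page lists. It parses constructed AWS IAM policy documents and reports each Allow statement that grants privileges through a wildcard: `Action: "*"`, a whole service (`iam:*`), write access to IAM on any resource, or a state-changing action on `Resource: "*"`. The two policies, the account id, the bucket name and the role name are constructed sample data; the write-verb prefix list is an assumption of this example, not an AWS definition.

```python
"""Flag IAM policy statements that grant privileges with wildcards.

Added example: a small least-privilege checker for AWS IAM policy
documents. NotAction / NotResource statements are not handled here.
"""
import json

# Verbs that mutate state. A state-changing action on Resource "*" is the
# "write actions allow wildcards" case. This list is an assumption of the
# example, not an exhaustive AWS catalogue.
WRITE_VERB_PREFIXES = ("Create", "Delete", "Put", "Update", "Attach",
                       "Detach", "Add", "Remove", "Set", "Write", "Modify",
                       "Run", "Start", "Stop", "Terminate", "Pass", "Assume")

# Constructed sample: one policy with the defects this page describes.
PERMISSIVE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "AdminEverything", "Effect": "Allow",
         "Action": "*", "Resource": "*"},
        {"Sid": "IamAll", "Effect": "Allow",
         "Action": ["iam:*"], "Resource": "*"},
        {"Sid": "WriteAnyBucket", "Effect": "Allow",
         "Action": ["s3:PutObject", "s3:DeleteObject"], "Resource": "*"},
        {"Sid": "ReadAnyBucket", "Effect": "Allow",
         "Action": "s3:GetObject", "Resource": "*"},
        {"Sid": "DenyOutsideRegion", "Effect": "Deny",
         "Action": "*", "Resource": "*"},
    ],
}

# Constructed sample: the same needs, scoped to named resources.
HARDENED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "UploadsOnly", "Effect": "Allow",
         "Action": ["s3:PutObject", "s3:GetObject"],
         "Resource": "arn:aws:s3:::example-app-uploads/*"},
        {"Sid": "PassOneRole", "Effect": "Allow",
         "Action": "iam:PassRole",
         "Resource": "arn:aws:iam::123456789012:role/example-app-task-role"},
    ],
}
PERMISSIVE_POLICY_JSON = json.dumps(PERMISSIVE_POLICY)
HARDENED_POLICY_JSON = json.dumps(HARDENED_POLICY)


def _as_list(value):
    """IAM allows Action/Resource to be a string or a list; normalise."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _is_write_action(action):
    """True for '*', 'service:*', or a verb that changes state."""
    if action == "*":
        return True
    _service, _, verb = action.partition(":")
    return verb == "*" or verb.startswith(WRITE_VERB_PREFIXES)


def find_wildcard_statements(policy):
    """Return one finding per Allow statement that relies on a wildcard.

    Each finding carries the statement index, its Sid and a set of codes:
    ALL_ACTIONS, SERVICE_WILDCARD, IAM_WRITE, WRITE_ON_ANY_RESOURCE.
    """
    findings = []
    for index, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements narrow access; only Allow grants it
        actions = _as_list(stmt.get("Action"))
        resources = _as_list(stmt.get("Resource"))
        codes = set()
        if "*" in actions:
            codes.add("ALL_ACTIONS")
        if any(a.endswith(":*") for a in actions):
            codes.add("SERVICE_WILDCARD")
        any_resource = "*" in resources
        if any_resource and any(a.startswith("iam:") and _is_write_action(a)
                                for a in actions):
            codes.add("IAM_WRITE")  # unscoped privileges over IAM itself
        if any_resource and any(_is_write_action(a) for a in actions):
            codes.add("WRITE_ON_ANY_RESOURCE")
        if codes:
            findings.append({"index": index, "sid": stmt.get("Sid", ""),
                             "codes": codes})
    return findings


def assess_policy_text(policy_json):
    """Parse a policy document (e.g. read from a file) and check it."""
    return find_wildcard_statements(json.loads(policy_json))


if __name__ == "__main__":
    for name, text in (("permissive", PERMISSIVE_POLICY_JSON),
                       ("hardened", HARDENED_POLICY_JSON)):
        print(name, assess_policy_text(text))
```

Read-only actions on `Resource: "*"` (the `ReadAnyBucket` statement) are deliberately not flagged by this checker, so that the output separates the write-with-wildcard case this page is about from the broader wildcard-resource rules; a Deny statement is skipped because it can only narrow what an Allow grants.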
Threat
Internet attacker with access to the machines.
Expected Remediation Time
⏱️ 15 minutes.
Requirements
- 095 - Define users with privileges
- 096 - Set user's required privileges
- 186 - Use the principle of least privilege
Rules
- Aws Public Buckets
- Aws Public Queue
- Aws Master Keys Exposed
- Aws Group Permissive Inline Policies
- Aws Private Buckets Not Blocking Acls
- Aws Policy Misconfigured
- Aws Permissive Policy
- Aws Wildcard Resource Write Action
- Json Yaml Wildcard Action In Trust Policy
- Terraform Wildcard Resource All Actions Locals
- Terraform Trust Policy Wildcard Action
- Json Yaml Bucket Policy Allows Public Access
- Terraform Bucket Policy Allows Public Access
- Terraform Locals Bucket Policy Public Access
- Json Yaml Keys Exposed To Everyone
- Terraform Write Actions Wildcard Resource Locals
- Json Principal Wildcard All Principals
- Json Yaml Write Actions Wildcard Resource
- Config Files Wildcard Allow Users
- Json Yaml Wildcard Resource In Policy
- Terraform Policy Principal Wildcard
- Terraform Public Send Message Allowed
- Json Yaml Excessive Privileges Wildcards
- Terraform Wildcard Resource All Actions
- Terraform Write Actions Wildcard Resource
- Json Yaml Public Queue Exposure
- Json Yaml Wildcard Actions In Policy
Fixes