CloudWiki
Rules
Critical

IAM Role inline policy is over permissive

Security & Compliance
APRA
MAS
NIST4
FTR
Description

To minimize the risk of unauthorized access to your AWS services, it's crucial to grant appropriate permissions to your Amazon IAM roles. It's important to avoid overly permissive policies and adhere to IAM security best practices, such as implementing the Principle of Least Privilege. This principle ensures that every identity, process, or system is granted only the minimum necessary permissions to perform its required tasks, also known as the principle of least authority. Therefore, it's essential to configure the policies attached to your IAM roles in a way that follows this principle.

Remediation
Enforced Resources
IAM Role
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.