Risk Level: High
Cloud Entity: IAM User
CloudGuard Rule ID: D9.CFT.IAM.26
Covered by Spectral: Yes
Category: Security, Identity, & Compliance
AWS_IAM_User should not have Policies contain-any [ PolicyDocument.Statement contain-any [ Effect='Allow' and Action='*' ] ]
Policies.PolicyDocument.Statement.Action to a specific set of actions.
An IAM user is an entity that you create in AWS to represent the person or service that uses it to interact with AWS. A user in AWS consists of a name and credentials.
- AWS CloudFormation ruleset
Updated 3 months ago