Risk Level: Low
Cloud Entity: IAM Policy
CloudGuard Rule ID: D9.AWS.IAM.52
Category: Security, Identity, & Compliance
IamPolicy where arn!='arn:aws:iam::aws:policy/AdministratorAccess' should not have document.Statement contain-any [ $ with [ Effect='Allow' and Action='*' ] ]
From Console: perform the following to detach a policy that grants excessive administrative privileges:
- Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.
- In the navigation pane, click Policies and then search for the policy name.
- Select the policy that needs to be deleted.
- In the policy action menu, first select Detach.
- Select all Users, Groups, Roles that have this policy attached.
- Click Detach Policy.
- In the policy action menu, select Detach.
From Command Line:
- List all IAM users, groups, and roles that the specified managed policy is attached to; identify and note any excessive privileges.
aws iam list-entities-for-policy --policy-arn policy_arn
- Detach the policy from all IAM Users:
aws iam detach-user-policy --user-name iam_user --policy-arn policy_arn
- Detach the policy from all IAM Groups:
aws iam detach-group-policy --group-name iam_group --policy-arn policy_arn
- Detach the policy from all IAM Roles:
aws iam detach-role-policy --role-name iam_role --policy-arn policy_arn
You manage access in AWS by creating policies and attaching them to IAM identities or AWS resources. A policy is an object in AWS that, when associated with an identity or resource, defines its permissions. AWS evaluates these policies when a principal, such as a user, makes a request; the permissions in the policies determine whether the request is allowed or denied. Most policies are stored in AWS as JSON documents.
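The following script is an added example, not CloudGuard's or AWS's own code. It implements the rule condition above (a Statement with Effect Allow and Action '*', with the AWS-managed AdministratorAccess ARN exempt) against a policy document, and then performs the same detach sequence as the CLI steps (list-entities-for-policy, then detach-user-policy, detach-group-policy and detach-role-policy) through a boto3-compatible IAM client. It goes slightly beyond the rule text by treating an Action list that contains "*" the same as the bare string "*"; that, the duck-typed client, the constructed sample documents and the command-line argument handling in the main block are assumptions of this example.

```python
"""Detect IAM policies granting Effect=Allow on Action='*' (rule D9.AWS.IAM.52)
and detach such a policy from every attached user, group and role.

Added example, not CloudGuard's or AWS's own code. Assumes a boto3-compatible
IAM client (the offline test uses a fake with the same method names) and
treats an Action list containing "*" like the string "*"."""
import json

ADMIN_ACCESS_ARN = "arn:aws:iam::aws:policy/AdministratorAccess"  # exempt in the rule


def _as_list(value):
    """Policy fields such as Statement and Action may be a scalar or a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def full_admin_statements(document):
    """Return the statements that allow Action '*'.

    `document` is a policy document as a dict or a JSON string (boto3's
    get_policy_version returns the decoded dict under PolicyVersion.Document).
    """
    if isinstance(document, str):
        document = json.loads(document)
    hits = []
    for stmt in _as_list(document.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        # Action may be "*" or a list such as ["s3:*", "*"]; NotAction is not
        # part of this rule and is ignored here.
        if "*" in _as_list(stmt.get("Action")):
            hits.append(stmt)
    return hits


def violates_rule(policy_arn, document):
    """Apply the rule, including its exemption for AWS-managed AdministratorAccess."""
    if policy_arn == ADMIN_ACCESS_ARN:
        return False
    return bool(full_admin_statements(document))


def attached_entities(iam, policy_arn):
    """Page through list-entities-for-policy and collect every attachment."""
    users, groups, roles = [], [], []
    kwargs = {"PolicyArn": policy_arn}
    while True:
        page = iam.list_entities_for_policy(**kwargs)
        users.extend(u["UserName"] for u in page.get("PolicyUsers", []))
        groups.extend(g["GroupName"] for g in page.get("PolicyGroups", []))
        roles.extend(r["RoleName"] for r in page.get("PolicyRoles", []))
        if not page.get("IsTruncated"):
            return users, groups, roles
        kwargs["Marker"] = page["Marker"]  # continue from the last page


def detach_everywhere(iam, policy_arn):
    """Detach the policy from all users, groups and roles; report what was detached."""
    users, groups, roles = attached_entities(iam, policy_arn)
    for name in users:
        iam.detach_user_policy(UserName=name, PolicyArn=policy_arn)
    for name in groups:
        iam.detach_group_policy(GroupName=name, PolicyArn=policy_arn)
    for name in roles:
        iam.detach_role_policy(RoleName=name, PolicyArn=policy_arn)
    return {"users": users, "groups": groups, "roles": roles}


# Constructed sample documents for illustration, not taken from any account.
SAMPLE_FULL_ADMIN = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}],
}
SAMPLE_SCOPED = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject"], "Resource": "*"},
        {"Effect": "Deny", "Action": "*", "Resource": "*"},  # Deny does not match
    ],
}


if __name__ == "__main__":
    # Live use (needs boto3 and AWS credentials): check a policy's default
    # version and detach it everywhere if it violates the rule.
    import sys
    import boto3

    if len(sys.argv) != 2:
        sys.exit("usage: python check_policy.py <policy_arn>")  # hypothetical file name
    arn = sys.argv[1]
    iam = boto3.client("iam")
    version = iam.get_policy(PolicyArn=arn)["Policy"]["DefaultVersionId"]
    doc = iam.get_policy_version(PolicyArn=arn, VersionId=version)["PolicyVersion"]["Document"]
    if violates_rule(arn, doc):
        print(detach_everywhere(iam, arn))
```

The detection part is pure and can be run over exported policy documents without credentials; the detach part only touches the managed policy's attachments and leaves the policy itself in place, matching the steps above, so the policy can still be reviewed before anyone decides to delete it.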
- AWS CloudGuard Best Practices
- AWS CloudGuard SOC2 based on AICPA TSC 2017
- AWS CloudGuard Well Architected Framework
- AWS HITRUST
- AWS HITRUST v11.0.0
- AWS ITSG-33
- AWS MAS TRM Framework
- AWS MITRE ATT&CK Framework v10
- AWS MITRE ATT&CK Framework v11.3
- AWS NIST 800-53 Rev 5
- AWS PCI-DSS 4.0
Updated 5 months ago