An IAM Managed Policy is an object in AWS that, when associated with an identity or resource, defines its permissions. In other words, which actions an identity can perform on which resources. AWS Key Management Service (KMS) is a managed service that gives the ability to easily create, store and manage the cryptographic keys used to protect your data. It was found that the policy '{AwsIamManagedPolicy}' allows decryption actions on all KMS keys. Granting decryption permissions over all the KMS keys gives high privileges to the associated principal, allowing it to use KMS decryption actions on all existing and future resources.