IAM Managed Policy with Administrative Privileges

IAM misconfigurations

IAM Managed Policy with Administrative Privileges

Risk Level

Hazardous (3)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
essential_8_au
GDPR
HITRUST
ISO/IEC 27001
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

Orca has detected that the policy {AwsIamManagedPolicy} grants full administrative privileges on the account. These privileges grant the ability to perform all actions on any resource in the account.

Recommended Mitigation

Prefer using more explicit policies that adhere to the principle of least privilege.

IAM Managed Policy with Administrative Privileges

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS