IAM misconfigurations

IAM Managed Policy with Administrative Privileges

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

Orca has detected that the policy {AwsIamManagedPolicy} grants full administrative privileges on the account. These privileges grant the ability to perform all actions on any resource in the account.

  • Recommended Mitigation

    Prefer using more explicit policies that adhere to the principle of least privilege. ## Remediation --- >1. Sign in to the AWS Management Console and open the **[IAM console](https://console.aws.amazon.com/iam/)**. >2. In the navigation pane, choose **Policies**, and choose the desired policy. >3. Under **Permissions** tab, choose **Edit policy**. >4. Edit the policy via **visual editor/JSON**. >5. Consider replacing * in **Resource/Action** blocks, to fixed values. >6. At the bottom of the page, choose **Review Policy**. >7. Choose **save changes**.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.