IAM misconfigurations

IAM Managed Policy with Administrative Privileges

Risk Level

Hazardous (3)

Compliance Frameworks


Orca has detected that the policy {AwsIamManagedPolicy} grants full administrative privileges on the account. These privileges grant the ability to perform all actions on any resource in the account.
  • Recommended Mitigation

    Prefer using more explicit policies that adhere to the principle of least privilege.

## Remediation

1. Sign in to the AWS Management Console and open the **[IAM console](https://console.aws.amazon.com/iam/)**.
2. In the navigation pane, choose **Policies**, and choose the desired policy.
3. On the **Permissions** tab, choose **Edit policy**.
4. Edit the policy via **visual editor/JSON**.
5. Consider replacing `*` in the **Resource/Action** blocks with fixed values.
6. At the bottom of the page, choose **Review Policy**.
7. Choose **Save changes**.
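The following is an added example, not code from Orca or AWS: a small offline check that flags the condition this finding describes (an `Allow` statement with `*` for both action and resource), run against a wildcard policy and against the same policy after step 5. The function names, sample policies and bucket name are constructed for illustration.

```python
import json

def _as_list(value):
    """IAM accepts either a single string or a list for Action and Resource."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)

def admin_statements(policy_document):
    """Return the statements that allow every action on every resource."""
    doc = json.loads(policy_document) if isinstance(policy_document, str) else policy_document
    statements = doc.get("Statement", [])
    if isinstance(statements, dict):  # a lone statement may be an object, not a list
        statements = [statements]
    flagged = []
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue
        # Only the literal "*" wildcard is checked; NotAction/NotResource and
        # Condition blocks are not evaluated by this sketch.
        if "*" in _as_list(stmt.get("Action")) and "*" in _as_list(stmt.get("Resource")):
            flagged.append(stmt)
    return flagged

# Constructed sample: the full-admin policy the finding describes.
FULL_ADMIN = """{
  "Version": "2012-10-17",
  "Statement": {"Effect": "Allow", "Action": "*", "Resource": "*"}
}"""

# Constructed sample: wildcards replaced with fixed values (step 5).
SCOPED = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["s3:GetObject", "s3:ListBucket"],
        "Resource": ["arn:aws:s3:::example-bucket",
                     "arn:aws:s3:::example-bucket/*"],
    }],
}

if __name__ == "__main__":
    for name, doc in (("FULL_ADMIN", FULL_ADMIN), ("SCOPED", SCOPED)):
        hits = admin_statements(doc)
        print(f"{name}: {'full admin' if hits else 'ok'} ({len(hits)} statement(s))")
```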