Description

This control checks whether the IAM identity-based policies that you create have Allow statements that use the * wildcard to grant permissions for all actions on any service. The control fails if any policy statement includes ""Effect"": ""Allow"" with ""Action"": ""Service:*"" or ""NotAction"": ""Service:*"".