IAM Role Recently Used by an External Identity

IAM misconfigurations

IAM Role Recently Used by an External Identity

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCPA
GDPR
HITRUST
ISO/IEC 27001
Mitre ATT&CK v12
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
UK Cyber Essentials

Description

Orca has found that the role {AwsIamRole}, which can be assumed by an AWS identity which is not part of the account, was recently in use. Roles which can be assumed by an external entity should be monitored carefully to ensure they are not being misused.

Recommended Mitigation

Ensure {AwsIamRole} is being used by authorized identities in an appropriate manner

IAM Role Recently Used by an External Identity

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS