Internet-Facing Ec2 Instance Has Full Access to EC2

IAM misconfigurations

Internet-Facing Ec2 Instance Has Full Access to EC2

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCPA
CPRA
Data Security Posture Management (DSPM) Best Practices
GDPR
HITRUST
iso_27001_2022
iso_27002_2022
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-190
PDPA
STIG K8s
UK Cyber Essentials

Description

The internet-facing asset {AwsEc2Instance} ({AwsEc2Instance.InstanceId}) was found to have full access to your EC2 resources. Instance Profiles with the AmazonEC2FullAccess policy attached grant unrestricted access (Action: 'ec2:*') to EC2 resources on the account (Resource: '*'). In the event that the asset is compromised, this will grant the attacker full access to your EC2 resources, any data stored on them, and possible lateral movement which may lead to full account compromise.

Internet-Facing Ec2 Instance Has Full Access to EC2

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS