IAM misconfigurations

Internet-Facing Ec2 Instance Has Full Access to S3

Risk Level

Hazardous (3)

Compliance Frameworks


The internet-facing asset {AwsEc2Instance} ({AwsEc2Instance.InstanceId}) was found to have full access to your S3 resources. Instance Profiles with the AmazonS3FullAccess policy attached grant unrestricted access (Action: 's3:*') to S3 resources on the account (Resource: '*'). In the event that the asset is compromised, this will grant the attacker full access to any data stored on your S3 resources.