Internet Facing EC2 Instance with Administrator Privileges

IAM misconfigurations

Internet Facing EC2 Instance with Administrator Privileges

Risk Level

Imminent Compromised (2)

Platform(s)

Description

The internet-facing asset {AwsEc2Instance} ({AwsEc2Instance.InstanceId}) was found to have full administrative privileges to your account. Instance Profiles with full administrative privileges attached grant unrestricted access (Action: '*') to any resources on the account (Resource: '*'). In the event that the asset is compromised, this may potentially lead to full account takeover.

Recommended Mitigation

Detach policies containing full administrative privileges from the instance's Instance Profile ({AwsEc2Instance.InstanceProfile}). When writing policies, make sure to adhere to the 'Least Privilege' principal, as described here: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html

Internet Facing EC2 Instance with Administrator Privileges

Description

Need help?