Lateral movement

Lambda Function with Admin Privileges

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

The IAM role associated with {AwsLambdaFunction} grants the function with admin privileges (i.e. 'Action': '*' on 'Resource': '*'. An attacker could exploit the privileges for his needs.

  • Recommended Mitigation

    Define the specific permissions needed for the function in the IAM role policy - can be done by detach {AwsLambdaFunction.FunctionRole} role from the privileged policy, and attach it to a more explicit one.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.