IAM misconfigurations

Policy Which Grants Administrator Privileges is Attached

Risk Level

Informational (4)



IAM policies are the means by which privileges are granted to users, groups, or roles. It is recommended and considered a standard security advice to grant least privilege -that is, granting only the permissions required to perform a task. Determine what users need to do and then craft policies for them that let the users perform only those tasks, instead of allowing full administrative privileges.
  • Recommended Mitigation

    Detach any policies granting administrator privileges