Description

An IAM Group is a collection of IAM Users. You can use groups to specify permissions for a collection of users. The group {AwsIamGroup} was found with permissive permissions that allows the user the ability to create access keys for a user or create/update console login credentials. An attacker may leverage this ability in order to create or update credentials for a user other than themselves, allowing them to then log in and act on behalf of that user.