Data protection

RAM policy with full administrative privileges

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

A RAM Policy is an object in Alibaba Cloud that, when attached to a RAM identity (a user, group, or role), defines its permissions. It was detected that the custom RAM policy {AliCloudRamPolicy} grants full administrative privileges. These privileges grant the attached RAM identities the ability to perform all actions on any resource in the account.