Role Can be Assumed by Anyone - Complete Cloud Security in Minutes - Orca Security

IAM misconfigurations

Role Can be Assumed by Anyone

Risk Level

Imminent Compromised (2)

Platform(s)

Compliance Frameworks

NIST 800-53

Description

The IAM role {AwsIamRole} has the Principal value set to ""AWS"": ""*"", and the Action value set to ""sts:AssumeRole"". Such a role can be assumed by anyone. This violates the principle of least privilege and puts your AWS resources at an increased risk of unauthorized access.

Recommended Mitigation

While defining principals for a role trust policy, adhere to the principle of least privilege.

See Orca in action

See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.