IAM misconfigurations

Role Can be Assumed by Anyone

Risk Level

Imminent Compromised (2)

Platform(s)
Compliance Frameworks

Description

The IAM role {AwsIamRole} has the Principal value set to ""AWS"": ""*"", and the Action value set to ""sts:AssumeRole"". Such a role can be assumed by anyone. This violates the principle of least privilege and puts your AWS resources at an increased risk of unauthorized access.

  • Recommended Mitigation

    While defining principals for a role trust policy, adhere to the principle of least privilege.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.