IAM misconfigurations

Role Can be Assumed by Anyone


The IAM role {AwsIamRole} has the Principal value set to ""AWS"": ""*"", and the Action value set to ""sts:AssumeRole"". Such a role can be assumed by anyone. This violates the principle of least privilege and puts your AWS resources at an increased risk of unauthorized access.