IAM misconfigurations

Role with Permissive Privileges attached to 50+ Instances

Description

Orca has detected that the Role {AwsIamRole} is attached to {AwsIamRole.InstanceProfiles.Ec2Instances|count} instances. Anyone who has access to those instances can effectively operate with the same permissions granted by this Role. This Role poses a security concern because it was found to have permissive actions which can be used to gain full administrative access on your account.
Recommended Mitigation

Review the role {AwsIamRole}'s policies and detach any policies that may be too permissive. Policies should adhere to the Principle of Least Privilege. You can read more here: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege
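
One way to run the same check over an exported inventory, as an added example (not Orca's detection code). The inventory layout, the role names and the `ADMIN_EQUIVALENT` action list are assumptions made for illustration; the page does not enumerate which actions it treats as permissive.

```python
import fnmatch

# Assumption: actions treated here as a path to full administrative access.
# The page does not list them; replace with your own policy baseline.
ADMIN_EQUIVALENT = ["*", "iam:*", "iam:AttachRolePolicy", "iam:PutRolePolicy",
                    "iam:CreatePolicyVersion"]
INSTANCE_THRESHOLD = 50  # from the alert title: "attached to 50+ Instances"

def as_list(value):
    # IAM policy JSON allows a single value or a list for most elements.
    return value if isinstance(value, list) else [value]

def permissive_actions(policy_doc):
    """Admin-equivalent actions granted by Allow statements on Resource '*'."""
    hits = set()
    for stmt in as_list(policy_doc.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or "*" not in as_list(stmt.get("Resource", [])):
            continue
        for pattern in as_list(stmt.get("Action", [])):
            # Action patterns are case-insensitive and may contain wildcards.
            hits.update(a for a in ADMIN_EQUIVALENT
                        if fnmatch.fnmatchcase(a.lower(), pattern.lower()))
    return sorted(hits)

def audit(roles):
    """Flag roles on >= INSTANCE_THRESHOLD instances that grant permissive actions."""
    findings = []
    for role in roles:
        instances = {i for p in role["instance_profiles"] for i in p["instances"]}
        actions = sorted({a for doc in role["policies"] for a in permissive_actions(doc)})
        if len(instances) >= INSTANCE_THRESHOLD and actions:
            findings.append({"role": role["name"], "instances": len(instances),
                             "actions": actions})
    return findings

# Constructed sample inventory (hypothetical names, not real account data).
SAMPLE_ROLES = [
    {"name": "app-fleet-role",  # broad IAM rights on 60 instances: flagged
     "instance_profiles": [{"instances": [f"i-{n:04d}" for n in range(60)]}],
     "policies": [{"Statement": [{"Effect": "Allow", "Action": "iam:*", "Resource": "*"}]}]},
    {"name": "log-shipper-role",  # 75 instances, but narrowly scoped: not flagged
     "instance_profiles": [{"instances": [f"i-{n:04d}" for n in range(100, 175)]}],
     "policies": [{"Statement": {"Effect": "Allow", "Action": ["s3:PutObject"],
                                 "Resource": "arn:aws:s3:::example-logs/*"}}]},
    {"name": "admin-bastion-role",  # permissive, but on one instance: below threshold
     "instance_profiles": [{"instances": ["i-9001"]}],
     "policies": [{"Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]}]},
]

if __name__ == "__main__":
    print(audit(SAMPLE_ROLES))
```

The check ignores `NotAction`, `Condition` blocks and permission boundaries, so treat a hit as a prompt to review the role's policies rather than a final verdict.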