Role with Permissive Privileges attached to 50+ Instances

IAM misconfigurations

Role with Permissive Privileges attached to 50+ Instances

Risk Level

Imminent Compromised (2)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
GDPR
HITRUST
ISO/IEC 27001
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
UK Cyber Essentials

Description

Orca has detected that the Role {AwsIamRole} is attached to {AwsIamRole.InstanceProfiles.Ec2Instances|count} instances. Anyone who has access to those instances can effectively operate with the same permissions granted by this Role. This Role poses a security concern because it was found to have permissive actions which can be used to gain full administrative access on your account.

Recommended Mitigation

Review the role {AwsIamRole}'s policies and detach any policies that may be too permissive. Policies should adhere to the Principle of Least Privilege. You can read more here: <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege</a>

Role with Permissive Privileges attached to 50+ Instances

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS