Role with Unused Service Access

IAM misconfigurations

Role with Unused Service Access

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
GDPR
ISO/IEC 27001
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

Orca has detected that the IamRole was granted access to the following services, which they may not require. Policies should adhere to the Principle of Least Privilege. You can read more here: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege

Recommended Mitigation

Review the policy and consider revoking its access to any unused services.

Role with Unused Service Access

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS