Unused IAM Role Can be Assumed by External Identity

IAM misconfigurations

Unused IAM Role Can be Assumed by External Identity

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
GDPR
iso_27001_2022
iso_27002_2022
Mitre ATT&CK
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

Orca has found that the role {AwsIamRole}, which can be assumed by an AWS identity which is not part of the account, has not been used in the last 90 days. Removing orphaned and unused IAM roles eliminates the risk that a forgotten role will be used accidentally to allow unauthorized users to access AWS resources

Unused IAM Role Can be Assumed by External Identity

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS