User with Unused Service Access

IAM misconfigurations

User with Unused Service Access

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCPA
cis_8
GDPR
ISO/IEC 27001
Mitre ATT&CK v12
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
UK Cyber Essentials

Description

Orca has detected that the IamUser was granted access to the following services, which they may not require. Policies should adhere to the Principle of Least Privilege. You can read more here: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege

Recommended Mitigation

Review the policy and consider revoking its access to any unused services.

User with Unused Service Access

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS