Incorrect Permission Assignment for Critical Resource

Property
Language
Severity
CWE	CWE-732: Incorrect Permission Assignment for Critical Resource
OWASP	A05:2021 - Security Misconfiguration
Confidence Level	Medium
Impact Level	Medium
Likelihood Level	Medium

Description#

The policy grants administrative (’*’) access to all actions and resources without any restrictions or explicit deny rules. This means anyone assigned this policy can perform any operation in your AWS environment.

Impact#

If exploited, an attacker or unauthorized user could gain full control over AWS resources, including modifying, deleting, or exposing sensitive data. This significantly increases the risk of data breaches, service disruptions, and unauthorized changes across your entire AWS account.