IAM policy should avoid use of wildcards and instead apply the principle of least privilege
| Property | |
|---|---|
| Language | |
| Severity | |
| Service | iam |
| Provider | AWS |
| Vulnerability Type | misconfiguration |
Description
Using wildcards in IAM policies can lead to overly permissive access, granting users or services permissions that are broader than necessary.
Impact
This increases the attack surface and the potential for misuse of privileges, which can lead to unauthorized access or accidental modifications.
Resolution
Instead of using wildcards, specify the exact permissions required and the resources to which they should apply.