terraform-aws-mwaa icon indicating copy to clipboard operation
terraform-aws-mwaa copied to clipboard

Published 20 hours ago verified publisher icon aws-ia

Security issue: MWAA has more access than it needs

Open Almenon opened this issue 2 years ago • 1 comments

MWAA has "eks:*" access, but it does not need EKS access by default. It does not need S3 delete permissions by default either. Finally, I don't think it needs batch permissions.

https://github.com/aws-ia/terraform-aws-mwaa/pull/23 fixes this.

Almenon avatar Mar 30 '23 01:03 Almenon

@vara-bonthu Hi, just a note: I believe that the issue was resolved by merging https://github.com/aws-ia/terraform-aws-mwaa/pull/49 and might be closed to avoid confusion

monometa avatar May 09 '24 07:05 monometa