guardrails-samples icon indicating copy to clipboard operation
guardrails-samples copied to clipboard

Published 20 hours ago verified publisher icon turbot

Add policy pack - Remove privileged access from federated roles

Open Joeturbot opened this issue 6 months ago • 0 comments

Control objective Identify IAM roles with privileged access across all federated roles.

  • Admin access defined as "Action": ":"
  • IAM Full access defined as "Action": "iam:*"

Remediation

  • Strip privileged access from federated IAM roles only. All other IAM roles should remain untouched.

Categories

  • Access Management

Additional context Source Conversation: https://turbothq.slack.com/archives/C06DF1TE16D/p1723561500674229

Joeturbot avatar Aug 14 '24 18:08 Joeturbot