IAM Role Has ReadOnlyAccess for External AWS Accounts
Overview
The AWS-managed ReadOnlyAccess policy grants extensive permissions that can lead to data exposure if used improperly. It should be applied very carefully and only when absolutely necessary. Consider using more restrictive policies like ViewOnlyAccess or SecurityAudit for third-party access.
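One way to check for this condition offline, as an added example rather than the rule's own implementation: it flags roles that have the ReadOnlyAccess managed policy attached and a trust policy that allows a principal outside your own account. The role dictionaries, helper names and account IDs are constructed for illustration, using the field names `RoleName`, `AssumeRolePolicyDocument` and `AttachedPolicies`; `Condition` blocks and inline policies are not evaluated.

```python
READ_ONLY_ARN = "arn:aws:iam::aws:policy/ReadOnlyAccess"

def _as_list(value):
    # Policy JSON allows a single item or a list in most positions.
    return value if isinstance(value, list) else [value]

def external_accounts(trust_policy, own_account_id):
    """Account IDs (or "*") other than our own that the trust policy allows."""
    found = set()
    for stmt in _as_list(trust_policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        arns = ["*"] if principal == "*" else _as_list(principal.get("AWS", []))
        for arn in arns:
            # An AWS principal is "*", a bare 12-digit account ID, or an ARN.
            account = arn.split(":")[4] if arn.startswith("arn:") else arn
            if account != own_account_id:
                found.add(account)
    return found

def check_role(role, own_account_id):
    """Return a finding dict if the role matches this rule, else None."""
    attached = {p["PolicyArn"] for p in role["AttachedPolicies"]}
    if READ_ONLY_ARN not in attached:
        return None
    external = external_accounts(role["AssumeRolePolicyDocument"], own_account_id)
    if not external:
        return None
    return {"role": role["RoleName"], "external_accounts": sorted(external)}

def _role(name, principal, policy_arn):
    # Constructed sample data, not output from a real account.
    return {"RoleName": name,
            "AttachedPolicies": [{"PolicyArn": policy_arn}],
            "AssumeRolePolicyDocument": {"Statement": [{
                "Effect": "Allow", "Action": "sts:AssumeRole",
                "Principal": {"AWS": principal}}]}}

OWN = "111122223333"  # constructed: the account being audited
SAMPLE_ROLES = [
    _role("vendor-audit", "arn:aws:iam::444455556666:root", READ_ONLY_ARN),
    _role("internal-ro", "arn:aws:iam::111122223333:root", READ_ONLY_ARN),
    _role("vendor-sec", "arn:aws:iam::444455556666:root",
          "arn:aws:iam::aws:policy/SecurityAudit"),
]

def findings(roles=SAMPLE_ROLES, own=OWN):
    return [f for f in (check_role(r, own) for r in roles) if f]
```

Only `vendor-audit` is reported: `internal-ro` trusts the audited account itself, and `vendor-sec` uses SecurityAudit instead of ReadOnlyAccess.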
Vendor
AWS
Cloud Service
IAM
Severity
4
Item Types
AWS::IAM::Role