10000 FP in iam-inline-policy-for-role.json finding · Issue #4 · nccgroup/ScoutSuite · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
FP in iam-inline-policy-for-role.json finding #4
New issue
New issue
Closed
Closed
FP in iam-inline-policy-for-role.json finding#4
Assignees
Aboisier
Labels
bugSomething isn't workingcomponent-findingsAffects findingscomponent-provider-awsAffects AWS provider
Milestone
 
Iteration #1
@x4v13r64

Description

@x4v13r64
x4v13r64
opened on Aug 6, 2018

Found a FP case:

When testing AssumeRole for * resources, this policy gets flagged (belong to PowerUserAccess Managed policy):

 "Statement":  [
{
  "Effect": "Allow",
  "NotAction": [
    "iam:*",
    "organizations:*"
  ],
  "Resource": [
    "*"
  ]
} ,
{
  "Action": [
    "iam:CreateServiceLinkedRole",
    "iam:DeleteServiceLinkedRole",
    "iam:ListRoles",
    "organizations:DescribeOrganization"
  ],
  "Effect": "Allow",
  "Resource": [
    "*"
  ]
}
  ] ,
  "Version":  "2012-10-17"

Metadata

Metadata

Assignees

Labels

bugSomething isn't workingcomponent-findingsAffects findingscomponent-provider-awsAffects AWS provider

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions
    0