ServiceNow CMDB CI relationship sync: faster, more complete →
Mods
AWS

Control: AWS > CIS v3.0 > 1 - Identity and Access Management > 1.16 - Ensure IAM policies that allow full "*:*" administrative privileges are not attached

Configures auditing against a CIS Benchmark item.

Level: 1

IAM policies are the means by which privileges are granted to users, groups, or roles. It is recommended and considered a standard security advice to grant least privilege - that is, granting only the permissions required to perform a task. Determine what users need to do and then craft policies for them that let the users perform only those tasks, instead of allowing full administrative privileges.

Note: This control does not evaluate AWS managed IAM policies since they are not available in Turbot CMDB.

Resource Types

This control targets the following resource types:

Primary Policies

The following policies can be used to configure this control:

Category

In Your Workspace

Developers