AWS CSPM: Added IAM misconfiguration policies #566
Updated
PR-AWS-CLD-IAM-001: Ensure no wildcard resource is specified in IAM policy
PR-AWS-CLD-IAM-002: Ensure no wildcard action is specified in IAM policy
PR-AWS-CLD-IAM-028: AWS root account should not use access keys
Added
PR-AWS-CLD-IAM-051: Ensure AWS IAM managed policies do not have 'getObject' or full S3 action permissions
PR-AWS-CLD-IAM-052: IAM Access key should be rotated every 90 days or less
PR-AWS-CLD-IAM-053: Ensure to enforce IAM password policy
PR-AWS-CLD-IAM-054: IAM password policy should prevent password reuse
PR-AWS-CLD-IAM-055: IAM user password should be rotated every 90 days or less
PR-AWS-CLD-IAM-056: IAM password policy should require at least one uppercase letter
PR-AWS-CLD-IAM-057: IAM password policy should require at least one lowercase letter
PR-AWS-CLD-IAM-058: IAM password policy should require at least one symbol
PR-AWS-CLD-IAM-059: IAM password policy should require at least one number
PR-AWS-CLD-IAM-060: IAM password policy should require minimum password length of 14 or more
PR-AWS-CLD-IAM-061: IAM policy should prevent privilege escalation via EC2 and SSM permissions
PR-AWS-CLD-IAM-062: IAM policy should not allow privilege escalation via Codestar create project and associate team member permissions
PR-AWS-CLD-IAM-063: IAM policy should not allow privilege escalation via EC2 Instance Connect permissions
PR-AWS-CLD-IAM-064: IAM policy should prevent privilege escalation via EC2 describe and SSM session permissions
PR-AWS-CLD-IAM-065: IAM policy should prevent privilege escalation via glue dev endpoint permissions
PR-AWS-CLD-IAM-066: IAM policy should prevent privilege escalation via passrole and codebuild permissions
PR-AWS-CLD-IAM-067: IAM policy should prevent privilege escalation via passrole and create project permissions
PR-AWS-CLD-IAM-068: IAM policy should prevent privilege escalation via passrole and data pipeline permissions
PR-AWS-CLD-IAM-069: IAM policy should prevent privilege escalation via passrole and ec2 permissions
PR-AWS-CLD-IAM-070: IAM policy should prevent privilege escalation via passrole and glue create job permissions
PR-AWS-CLD-IAM-071: IAM policy should prevent privilege escalation via passrole and glue development endpoint permissions
PR-AWS-CLD-IAM-072: IAM policy should prevent privilege escalation via passrole and glue update job permissions
PR-AWS-CLD-IAM-073: IAM policy should prevent privilege escalation via passrole and create and invoke Lambda function permissions
PR-AWS-CLD-IAM-074: IAM policy should prevent privilege escalation via passrole, lambda create function and event source mapping permissions