IAM policies should adhere to least-privilege

iam
이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

IAM policies define privileges granted to users, groups, or roles. Best practice recommends granting only the permissions necessary to perform specific tasks. Begin with minimal permissions, adding more as necessary, rather than starting with overly permissive settings. Granting full administrative privileges instead of essential permissions can expose resources to potential misuse or compromise. It’s critical to remove policies with "Effect": "Allow" combined with "Action": "*" and "Resource": "*" to minimize security risks.

Remediation

For guidance on removing overly permissive policies and properly configuring IAM policies, refer to Policies and permissions in AWS Identity and Access Management.