- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
This rule identifies when an IAM group has a policy attached, which permits them access to a significant number of resources in the account.
IAM policies should be scoped down to have the fewest permissions needed to perform their function. In the event the IAM group is compromised, if the associated policies are too broadly scoped, this would permit an adversary to access a significant number of resources in the account.
Review the policies attached to the IAM group and ensure the Resource
policy element is scoped down to only what is needed.