IAM policy provides full administrator access



An IAM policy contains administrative permissions. If an attacker gains access to a user, group, or role with this policy attached, they can potentially compromise and take over the AWS account.


  1. Follow the AWS guide on removing users, roles, and groups associated with this policy.
  2. Apply the principle of least privilege to your permissions, as documented by AWS here.
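
To find which policy documents need this remediation, the check below flags statements that grant full administrator access. It is an added example, not the rule's own implementation, and it assumes "administrative permissions" means an `Allow` statement with `Action` `*` on `Resource` `*`; the function names and sample policies are constructed for illustration.

```python
import json

def _as_list(value):
    """IAM accepts a single value or a list for Statement, Action and Resource."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def admin_statements(policy_document):
    """Return one finding per statement that allows every action on every resource."""
    doc = json.loads(policy_document) if isinstance(policy_document, str) else policy_document
    findings = []
    for index, stmt in enumerate(_as_list(doc.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements never grant access
        if "*" in _as_list(stmt.get("Action")) and "*" in _as_list(stmt.get("Resource")):
            findings.append({
                "index": index,
                "sid": stmt.get("Sid"),
                # A Condition narrows the grant but still deserves review.
                "conditioned": "Condition" in stmt,
            })
    return findings

# Constructed sample policy documents (assumptions, not taken from a real account).
ADMIN_POLICY = '{"Version": "2012-10-17", "Statement": {"Effect": "Allow", "Action": "*", "Resource": "*"}}'
SCOPED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": ["s3:GetObject"],
                   "Resource": "arn:aws:s3:::example-bucket/*"}],
}
MIXED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "s3:*", "Resource": "*"},
        {"Sid": "BreakGlass", "Effect": "Allow", "Action": ["*"], "Resource": ["*"],
         "Condition": {"Bool": {"aws:MultiFactorAuthPresent": "true"}}},
        {"Effect": "Deny", "Action": "*", "Resource": "*"},
    ],
}

if __name__ == "__main__":
    for name, doc in [("admin", ADMIN_POLICY), ("scoped", SCOPED_POLICY), ("mixed", MIXED_POLICY)]:
        print(name, admin_statements(doc))
```

A finding with `conditioned` set to true is still a full-access grant whenever its condition is met, so review it rather than dismissing it.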