MANAGE IAM ROLE LOCATION RESTRICTIONS

MANAGE IAM ROLE LOCATION RESTRICTIONS2019-10-03T11:03:51-05:00

Project Description

Create policies to restrict IAM role usage by restricting access from specified locations.

Summary:

Ensure all of your policies limit IAM role usage by restricting access from specified locations.  Use IP, VPC or Tags to control the source location of your role use. Useful in preventing unauthorized credential use like SSRF attacks.

Supported Issue Types:

The IAM Role has been found without location restrictions

Supported Actions:

  • Restrict use of the role to specific CIDRs
  • Restrict use of the role to VPCs within this account
  • Restrict use of the role to all VPCs within the organization

Platform:

Project Details

Categories:

Tags: