Project Description
Create policies to restrict IAM role usage by restricting access from specified locations.
Summary:
Ensure all of your policies limit IAM role usage by restricting access from specified locations. Use IP, VPC or Tags to control the source location of your role use. Useful in preventing unauthorized credential use like SSRF attacks.
Supported Issue Types:
Supported Actions:
- Restrict use of the role to specific CIDRs
- Restrict use of the role to VPCs within this account
- Restrict use of the role to all VPCs within the organization
Platform:
Related Articles
Fashion App’s Faux Pas: Open Buckets of (21) Buttons
Fashion App’s Faux Pas: Open Buckets of (21) Buttons TL; DR: Leaving their S3 buckets exposed, fashion-focused social app, 21 Buttons, is caught with their pants down. Because it had nothing to do with
Supercharging Security Hub: Part 4, Taking Action
In our last post, we walked through the console and highlighted making the most of the Security Hub console and some tips and tricks to make it more useful. Today I want to dive into one of the best parts of Security Hub — taking actions on events and findings.
