AWS Config
Developer Guide

iam-policy-no-statements-with-admin-access

Checks that the default version of an AWS Identity and Access Management (IAM) policy does not grant administrator access. The rule is NON_COMPLIANT if any statement has "Effect": "Allow" with "Action": "*" over "Resource": "*".

Identifier: IAM_POLICY_NO_STATEMENTS_WITH_ADMIN_ACCESS

Trigger type: Configuration changes

Parameters:

None
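The condition described above can be checked locally against a policy document before it is deployed. The following Python sketch is an added example, not AWS's implementation of the managed rule; the function names and sample policies are constructed for illustration, and it tests only the Effect/Action/Resource condition stated in the description.

```python
import json


def _as_list(value):
    """IAM policy grammar allows a single value or a list for these elements."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def admin_statements(policy_document):
    """Return statements with Effect Allow, Action "*" and Resource "*".

    Condition, NotAction and NotResource are not inspected, because the
    rule description does not mention them (assumption of this example).
    """
    if isinstance(policy_document, str):
        policy_document = json.loads(policy_document)
    flagged = []
    for stmt in _as_list(policy_document.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action"))
        resources = _as_list(stmt.get("Resource"))
        if "*" in actions and "*" in resources:
            flagged.append(stmt)
    return flagged


def evaluate(policy_document):
    """Map the check to the compliance values used by the rule."""
    return "NON_COMPLIANT" if admin_statements(policy_document) else "COMPLIANT"


# Constructed sample policies (not taken from any real account).
ADMIN = {"Version": "2012-10-17",  # single statement object, list-valued Action
         "Statement": {"Effect": "Allow", "Action": ["*"], "Resource": "*"}}
SERVICE_WIDE = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]})
SCOPED_RESOURCE = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "*", "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Effect": "Deny", "Action": "*", "Resource": "*"}]}

if __name__ == "__main__":
    for name, doc in [("ADMIN", ADMIN), ("SERVICE_WIDE", SERVICE_WIDE),
                      ("SCOPED_RESOURCE", SCOPED_RESOURCE)]:
        print(name, evaluate(doc))
```

A policy that allows "s3:*" on all resources, or "*" on a single bucket, passes this check; only the combination of both wildcards in one Allow statement is flagged.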

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.
