Ensure IAM Roles are Least Privileged

Description

With an over-permissive IAM role assigned to a function, an attacker may leverage an application layer vulnerability in your function to perform lateral movement into other resources in your AWS account. This requirement ensures that your IAM roles are configured with the least privilege approach in mind.

Stack layerSecurity domainSecurity tool initiated by this item
InfrastructureLeast privilegeAirIAM