You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jan 30, 2023. It is now read-only.
This tool does not handle wildcards in IAM policy actions properly, because it only does literal string matches. For example, the PrivilegeEscalation class will not detect any issue if my policy grants "iam:Create*". All the IAM policy checking logic needs to be rewritten to treat wildcards as actual wildcards (perhaps via regex) instead of only doing literal string matches.
The text was updated successfully, but these errors were encountered:
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
This tool does not handle wildcards in IAM policy actions properly, because it only does literal string matches. For example, the
PrivilegeEscalation
class will not detect any issue if my policy grants"iam:Create*"
. All the IAM policy checking logic needs to be rewritten to treat wildcards as actual wildcards (perhaps via regex) instead of only doing literal string matches.The text was updated successfully, but these errors were encountered: