This repository has been archived by the owner on Jan 30, 2023. It is now read-only.
wildcard actions not handled properly #43
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
This tool does not handle wildcards in IAM policy actions properly, because it only does literal string matches. For example, the
PrivilegeEscalationclass will not detect any issue if my policy grants"iam:Create*". All the IAM policy checking logic needs to be rewritten to treat wildcards as actual wildcards (perhaps via regex) instead of only doing literal string matches.The text was updated successfully, but these errors were encountered: