Hello,
In regards to this CSPM finding:
“Establish an access control system(s) : IAM Policies with Effect as Allow and Action with sts:AssumeRole for CrossAccountArn”
which is being flagged for AWSControlTowerExecution: based on some research I have done, the issue is because this role has excessive permissions. However, these are default roles created by Control Tower, hence how can we work this finding out to remediate? Or is this a false positive, as I'm being advised, because Control Tower has a principal in it that limits who can use the role?
However, I wanted to bring it to the community to see if someone has a better understanding of this and can help me understand if it is in fact an FP or how this can be remediated effectively.
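
The question above turns on which principals the role's trust policy allows to call sts:AssumeRole. The following is an added example, not part of the original post and not Control Tower or CSPM vendor code: it lists those principals from a trust policy document and compares them with the account IDs you expect. The sample policy, the account ID 111111111111 and the function names are constructed assumptions.

```python
import json
from fnmatch import fnmatchcase

# Constructed sample: the account ID is a placeholder, not a value from the post.
SAMPLE_TRUST_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::111111111111:root"},
        "Action": "sts:AssumeRole",
    }],
})

def _as_list(value):
    return value if isinstance(value, list) else [value]

def assume_role_principals(trust_policy_json):
    """Principals that Allow statements let call sts:AssumeRole.
    Condition and NotPrincipal elements are not evaluated here."""
    principals = set()
    for stmt in _as_list(json.loads(trust_policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action", []))
        if not any(fnmatchcase("sts:assumerole", a.lower()) for a in actions):
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":
            principals.add("*")
            continue
        for kind, values in principal.items():
            for value in _as_list(values):
                principals.add("*" if value == "*" else f"{kind}:{value}")
    return principals

def triage(trust_policy_json, expected_account_ids):
    """Return ('open' | 'unexpected' | 'expected', offending principals)."""
    unexpected = []
    for p in sorted(assume_role_principals(trust_policy_json)):
        if p == "*":
            return "open", [p]
        kind, _, value = p.partition(":")
        parts = value.split(":")
        # AWS principals are either a full ARN or a bare 12-digit account ID.
        account = parts[4] if len(parts) > 4 else value
        if kind != "AWS" or account not in expected_account_ids:
            unexpected.append(p)
    return ("unexpected", unexpected) if unexpected else ("expected", [])
```

The trust policy to feed in can be read with `aws iam get-role --role-name AWSControlTowerExecution --query Role.AssumeRolePolicyDocument`; the permissions attached to the role are a separate check that this example does not cover.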



