Query: IAM unattached custom policy should not have statements with admin access

Description

AWS Identity and Access Management (IAM) can help you incorporate the principles of least privilege and separation of duties with access permissions and authorizations, restricting policies from containing 'Effect': 'Allow' with 'Action': '*' over 'Resource': '*'.

Query

Tables used in this query:

• aws_iam_policy

Controls using this query:

• IAM unattached custom policy should not have statements with admin access

SQL