IAM permission: Principle of least privilegeΒ #29
Description
Great solution, however, IAM permissions required provide a significant level of access to the head & compute nodes restricting the ability to deploy the solution into certain environments due to security concerns,
- Policy: arn:aws:iam::aws:policy/CloudWatchFullAccess
- Policy: arn:aws:iam::aws:policy/AWSPriceListServiceFullAccess
- Policy: arn:aws:iam::aws:policy/AmazonSSMFullAccess
- Policy: arn:aws:iam::aws:policy/AWSCloudFormationReadOnlyAccess
A set of policies that follow the principle of least privilege providing the bare minimum required would help address security concerns