Public EC2 Instance IAM Profile has Administrative Privileges

Tenacity Id: ec2-011
Risk Level: 5
Categories:
Last Updated: April 21, 2022

An Amazon Elastic Compute Cloud (EC2) instance with a public IP address is configured with an Identity and Access Management (IAM) role that grants administrative privileges. EC2 instances with public IP addresses are susceptible to compromise by a remote attacker who could gain control of the EC2 instance. An attacker who gains control of this publicly exposed EC2 instance would have the role's administrative privileges. Publicly exposed EC2 instances should have restricted IAM roles.
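The condition described above can be checked over an exported inventory. The following is an added example, not Tenacity's own check logic: the instance records use the field names returned by EC2 `describe-instances`, while the profile-to-role and role-to-policy maps, and all ids, account numbers and role names, are simplified constructed assumptions.

```python
ADMIN_POLICY_ARN = "arn:aws:iam::aws:policy/AdministratorAccess"  # AWS managed policy

def _as_list(value):
    return value if isinstance(value, list) else [value]

def grants_admin(policy_doc):
    """True if an Allow statement covers Action "*" on Resource "*".
    Condition blocks and NotAction are not evaluated here."""
    for stmt in _as_list(policy_doc.get("Statement", [])):
        if (stmt.get("Effect") == "Allow"
                and "*" in _as_list(stmt.get("Action", []))
                and "*" in _as_list(stmt.get("Resource", []))):
            return True
    return False

def role_is_admin(role):
    return (ADMIN_POLICY_ARN in role.get("AttachedPolicyArns", [])
            or any(grants_admin(d) for d in role.get("PolicyDocuments", [])))

def find_public_admin_instances(instances, profiles, roles):
    """Return (instance id, role name) for public instances with an admin role."""
    findings = []
    for inst in instances:
        if not inst.get("PublicIpAddress"):
            continue  # no public IP: outside this finding
        arn = inst.get("IamInstanceProfile", {}).get("Arn")
        for role_name in profiles.get(arn, []):
            if role_is_admin(roles.get(role_name, {})):
                findings.append((inst["InstanceId"], role_name))
    return findings

# Constructed sample inventory (hypothetical ids, account number and role names).
P = "arn:aws:iam::111122223333:instance-profile/"
INSTANCES = [
    {"InstanceId": "i-0aaa", "PublicIpAddress": "203.0.113.10", "IamInstanceProfile": {"Arn": P + "ops"}},
    {"InstanceId": "i-0bbb", "PublicIpAddress": "203.0.113.11", "IamInstanceProfile": {"Arn": P + "inline"}},
    {"InstanceId": "i-0ccc", "IamInstanceProfile": {"Arn": P + "ops"}},  # private only
    {"InstanceId": "i-0ddd", "PublicIpAddress": "203.0.113.12", "IamInstanceProfile": {"Arn": P + "reader"}},
    {"InstanceId": "i-0eee", "PublicIpAddress": "203.0.113.13"},  # no instance profile
]
PROFILES = {P + "ops": ["ops-admin"], P + "inline": ["inline-star"], P + "reader": ["s3-reader"]}
ROLES = {
    "ops-admin": {"AttachedPolicyArns": [ADMIN_POLICY_ARN]},
    "inline-star": {"PolicyDocuments": [{"Statement": {"Effect": "Allow", "Action": "*", "Resource": "*"}}]},
    "s3-reader": {"PolicyDocuments": [{"Statement": [{"Effect": "Allow", "Action": ["s3:GetObject"], "Resource": "*"}]}]},
}

if __name__ == "__main__":
    for instance_id, role in find_public_admin_instances(INSTANCES, PROFILES, ROLES):
        print(f"{instance_id}: public instance with administrative role {role}")
```

Instances flagged by this check are candidates for either removing the public IP address or replacing the role with one scoped to the actions the workload needs.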