forked from SummitRoute/aws_managed_policies
-
-
Notifications
You must be signed in to change notification settings - Fork 31
/
AWSElasticBeanstalkService.json
130 lines (130 loc) · 4.24 KB
/
AWSElasticBeanstalkService.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
[
{
"findingDetails": "The 2 resource ARN(s) are redundant because they reference the same resource. Review the use of wildcards (*), or remove the resource arn:aws:s3:::elasticbeanstalk-*/* to remove the redundancy.",
"findingType": "SUGGESTION",
"issueCode": "REDUNDANT_RESOURCE",
"learnMoreLink": "https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-policy-checks.html#access-analyzer-reference-policy-checks-suggestion-redundant-resource",
"locations": [
{
"path": [
{
"value": "Statement"
},
{
"index": 3
},
{
"value": "Resource"
},
{
"index": 0
}
],
"span": {
"end": {
"column": 684,
"line": 1,
"offset": 684
},
"start": {
"column": 651,
"line": 1,
"offset": 651
}
}
},
{
"path": [
{
"value": "Statement"
},
{
"index": 3
},
{
"value": "Resource"
},
{
"index": 1
}
],
"span": {
"end": {
"column": 721,
"line": 1,
"offset": 721
},
"start": {
"column": 686,
"line": 1,
"offset": 686
}
}
}
]
},
{
"findingDetails": "Using the iam:PassRole action with wildcards (*) in the resource can be overly permissive because it allows iam:PassRole permissions on multiple resources. We recommend that you specify resource ARNs or add the iam:PassedToService condition key to your statement.",
"findingType": "SECURITY_WARNING",
"issueCode": "PASS_ROLE_WITH_STAR_IN_RESOURCE",
"learnMoreLink": "https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-policy-checks.html#access-analyzer-reference-policy-checks-security-warning-pass-role-with-star-in-resource",
"locations": [
{
"path": [
{
"value": "Statement"
},
{
"index": 6
},
{
"value": "Action"
},
{
"index": 73
}
],
"span": {
"end": {
"column": 3756,
"line": 1,
"offset": 3756
},
"start": {
"column": 3742,
"line": 1,
"offset": 3742
}
}
},
{
"path": [
{
"value": "Statement"
},
{
"index": 6
},
{
"value": "Resource"
},
{
"index": 0
}
],
"span": {
"end": {
"column": 4275,
"line": 1,
"offset": 4275
},
"start": {
"column": 4272,
"line": 1,
"offset": 4272
}
}
}
]
}
]