From fb01387ed334a1ceb92851af5f1c4a6002dc191e Mon Sep 17 00:00:00 2001
From: mgeeky
Date: Fri, 6 Dec 2019 09:57:53 +0100
Subject: [PATCH] Added two dangerous policies to evaluate-iam-role.sh
---
 clouds/aws/evaluate-iam-role.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/clouds/aws/evaluate-iam-role.sh b/clouds/aws/evaluate-iam-role.sh
index 49fbd95..e83d48e 100755
--- a/clouds/aws/evaluate-iam-role.sh
+++ b/clouds/aws/evaluate-iam-role.sh
@@ -32,7 +32,8 @@ known_potentially_dangerous_permissions=(
 )
 known_dangerous_permissions=(
- "*:*"
+ "\*:\*"
+ "iam:\*"
 "iam:CreatePolicyVersion"
 "iam:SetDefaultPolicyVersion"
 "iam:PassRole"
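Review bot: The two escaped entries `"\*:\*"` and `"iam:\*"` in `known_dangerous_permissions` cover only the full-wildcard spellings, so a policy granting a partial wildcard such as `iam:Put*`, or a bare `"Action": "*"`, would presumably still pass unflagged. The code that matches against this array is outside the hunk, but the added backslashes suggest the entries are consumed as grep/regex patterns rather than fixed strings. If so, a comment above the array such as `# entries are regex patterns: escape a literal '*' as '\*'` would keep later additions from reintroducing the unescaped form. It may also be worth expanding wildcard actions in the evaluated policy before comparing them with this list, so that an audit does not under-report an over-privileged role.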