False positive on iam_policy_allows_privilege_escalation for iam:CreateAccessKey restricted to current user #5731
Labels
bug
provider/aws
Issues/PRs related with the AWS provider
severity/medium
Results in some unexpected or undesired behavior.
Steps to Reproduce
prowler aws --check iam_policy_allows_privilege_escalation
Expected behavior
Check for policy above should pass considering that target resources are restricted only to current user.
Actual Result with Screenshots or Logs
Check will fail with:
How did you install Prowler?
Cloning the repository from github.com (git clone)
Environment Resource
Workstation
OS used
MacOS
Prowler version
4.6.0
Pip version
24.2
Context
I'm using https://registry.terraform.io/modules/terraform-aws-modules/iam/aws/latest/submodules/iam-group-with-policies?tab=inputs to provision user groups with self management policy (part of which is in example above)
https://github.com/terraform-aws-modules/terraform-aws-iam/blob/e20e0b9a42084bbc885fd5abb18b8744810bd567/modules/iam-group-with-policies/policies.tf#L48
The text was updated successfully, but these errors were encountered: