Severity Framework
Snyk CCSS
Rule category
IAM / Access Control
Is your enviroment affected by this misconfiguration?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsFrameworks
CSA-CCM
ISO-27001
SOC-2
- Snyk ID SNYK-CC-00218
- credit Snyk Research Team
Description
Wildcard permissions grant broad permissions. The best practice recommends providing only required permissions explicitly.
How to fix?
Ensure that the action attribute is not set to an invalid action.
Invalid actions are:
"*""lambda:*"
Example Configuration
resource "aws_lambda_permission" "example" {
action = "lambda:InvokeFunction"
# other required fields here
}