Wildcard action has been specified in policy action Affecting ElasticSearch service in AWS

Snyk CCSS

IAM / Accounts Allocation

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

CSA-CCM ISO-27001 SOC-2

Snyk ID SNYK-CC-00257
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

Granting permission to perform any action is against 'least privilege' principle.

How to fix?

Remove * values from Action in policy document. Add specific permissions only for example es:ESHttpGet.

CloudFormation

aws-resource-elasticsearch-domain.html#cfn-elasticsearch-domain-accesspolicies

Terraform

elasticsearch_domain_policy

References

best-practices.html#grant-least-privilege