RAM Policy No Specified Document

ID: rule:aliyun:ram-policy-no-has-specified-document
Severity: medium
IaC Types: ROS, Terraform

Description

Ensures custom RAM policies do not contain the specified permission configuration.

Reason for Violation

Policies with overly broad permissions increase security risks.

Recommendation

Review the policy_document attribute and restrict permissions to only what is necessary. Avoid using wildcard '*' for both Action and Resource.

Resource Types

  • ROS: ALIYUN::RAM::ManagedPolicy
  • Terraform: alicloud_ram_policy