Skip to main content

RAM User Specified Permission Bound

ID: rule:aliyun:ram-user-specified-permission-bound
Severity: high
IaC Types: ROS, Terraform

Description

Ensures RAM users do not have specified high-risk permissions bound.

Reason for Violation

High-risk permissions can cause significant damage if misused.

Recommendation

Remove AdministratorAccess system policy from alicloud_ram_user_policy_attachment and restrict permissions to only what is necessary.

Resource Types

ROS: ALIYUN::RAM::User
Terraform: alicloud_ram_user_policy_attachment

Description
Reason for Violation
Recommendation
Resource Types