github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/avd_docs/aws/iam/AVD-AWS-0057/CloudFormation.md (about)


Specify the exact permissions required and the resources they apply to, instead of using wildcards.

```yaml
---
AWSTemplateFormatVersion: 2010-09-09
Description: Good example of policy
Resources:
  GoodPolicy:
    Type: 'AWS::IAM::Policy'
    Properties:
      PolicyName: CFNUsers
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            # A single named action, no wildcard
            Action:
              - 's3:ListBucket'
            # One bucket ARN rather than '*'
            Resource: 'arn:aws:s3:::specific-bucket'
```
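To audit existing templates against this advice, the following added example (not part of the Trivy documentation or its rule implementation) flags wildcard grants in a `PolicyDocument`. It assumes the document has already been parsed into a Python dict; `wildcard_findings` and the sample documents are hypothetical names constructed for illustration.

```python
import json

def _as_list(value):
    """IAM allows a single value or a list for Statement, Action and Resource."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def wildcard_findings(policy_document):
    """Return (statement index, field, value) for every wildcard grant found."""
    findings = []
    for index, stmt in enumerate(_as_list(policy_document.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # a wildcard in a Deny statement restricts, it does not grant
        for field in ("Action", "Resource"):
            for value in _as_list(stmt.get(field)):
                # Intrinsics such as {"Fn::Sub": "...*"} are dicts: inspect their text.
                text = value if isinstance(value, str) else json.dumps(value)
                if "*" in text:
                    findings.append((index, field, text))
        for field in ("NotAction", "NotResource"):
            if field in stmt:  # Allow + Not* grants everything except the listed items
                findings.append((index, field, "everything except listed"))
    return findings

# Constructed sample documents (not taken from the page).
GOOD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:ListBucket"],
     "Resource": "arn:aws:s3:::specific-bucket"}]}
BAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:*", "Resource": "*"},
    {"Effect": "Deny", "Action": "*", "Resource": "*"},
    {"Effect": "Allow", "Action": ["s3:GetObject"],
     "Resource": {"Fn::Sub": "arn:aws:s3:::${Bucket}/*"}}]}

if __name__ == "__main__":
    for name, doc in (("GOOD", GOOD), ("BAD", BAD)):
        for index, field, value in wildcard_findings(doc):
            print(f"{name}: Statement[{index}].{field} = {value}")
```

Every `*` is reported, including object-level suffixes such as `/*`, so each finding is a prompt for review rather than an automatic failure.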