github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/iam/AVD-AWS-0057/CloudFormation.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/iam/AVD-AWS-0057/CloudFormation.md (about)

     1  
     2  Specify the exact permissions required, and to which resources they should apply instead of using wildcards.
     3  
     4  ```yaml---
     5  AWSTemplateFormatVersion: 2010-09-09
     6  Description: Good example of policy
     7  Resources:
     8    GoodPolicy:
     9      Type: 'AWS::IAM::Policy'
    10      Properties:
    11        PolicyName: CFNUsers
    12        PolicyDocument:
    13          Version: "2012-10-17"
    14          Statement:
    15            - Effect: Allow
    16              Action:
    17                - 's3:ListBuckets'
    18              Resource: 'specific-bucket'
    19  
    20  ```
    21  
    22