"The list of AWS policy types and identities that are used to calculate the net effective permissions is as follows:
AWS IAM role
AWS IAM policy
AWS IAM group
AWS service control policies (SCPs)
Role trust relationships
Permission boundaries
NotAction
Policies with wildcard support
If your cloud environment has additional resource types, Prisma Cloud does not factor them into the net-effective permissions.
In addition, permissions can also be set by a resource-based policy. The following AWS resource-based policies are supported in the net effective permissions calculation:
Lambda function
S3 bucket
SQS queue
SNS topic
ECS task definition
Secrets Manager
KMS key
Lambda layer version"