Closed rdegraaf-ncc3 closed 1 week ago
Another instance of this problem: in https://github.com/appdefensealliance/ASA-WG/blob/main/Cloud%20App%20and%20Config%20Profile/Cloud%20App%20and%20Config%20Test%20Guide.md#273-ensure-iam-policies-that-allow-full--administrative-privileges-are-not-attached,
IAM policies that have a statement with "Effect": "Allow" with "Action": "" over "Resource": "" should be removed.
should be something like
IAM policies that have a statement with "Effect": "Allow" with "Action": "*" over "Resource": "*" should be removed.
Fixed escape codes.
Thanks.
The character
*
appears in a number locations. In addition to being a wildcard in glob-style patterns, it is also a Markdown metacharacter used to denote italicized or bolded text. In order for it to appear correctly in documents rendered from Markdown, it needs to be escaped.This issue appears in the Cloud Profile rule/section title "2.7.3 Ensure IAM policies that allow full ":" administrative privileges are not attached" in all three documents. It may also appear elsewhere.
To fix,
should be replaced with
or