int128 / terraform-aws-nat-instance

Terraform module to provision a NAT Instance using an Auto Scaling Group and Spot Instance from $1/month
https://registry.terraform.io/modules/int128/nat-instance/aws/
Apache License 2.0
175 stars 90 forks

iam policy with wildcards #49

Open syscod3 opened 2 years ago

syscod3 commented 2 years ago

Hi! Another tfsec warning:

Result #2 HIGH IAM policy document uses sensitive action 'ec2:AttachNetworkInterface' on wildcarded resource '*'
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
 .terraform/modules/nat_instance/main.tf Line 199
───────┬──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
  194  │         {
  195  │             "Effect": "Allow",
  196  │             "Action": [
  197  │                 "ec2:AttachNetworkInterface"
  198  │             ],
  199  │             "Resource": "*"
  200  │         }
───────┴──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
          ID aws-iam-no-policy-wildcards
      Impact Overly permissive policies may grant access to sensitive resources
  Resolution Specify the exact permissions required, and to which resources they should apply instead of using wildcards.

  More Information
  - https://aquasecurity.github.io/tfsec/v1.8.0/checks/aws/iam/no-policy-wildcards/
  - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

It can probably be solved by adding a condition to the policy (as per the ASG tag here), like

        "Condition": {
            "StringEquals": {
                "aws:resourceTag/Name": "nat-instance-${var.name}"
            }
        }
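The same fix written as an `aws_iam_policy_document` data source, as an added example rather than code from the module or from the issue author. It assumes a `var.name` input and that the module already tags both the NAT instance and its network interface with `Name = "nat-instance-${var.name}"`; the condition key and tag value are the ones proposed above. The flagged wildcard statement is shown first, the scoped version second.

```hcl
# Before: the statement tfsec reports. Any network interface in the
# account may be attached to any instance.
data "aws_iam_policy_document" "attach_eni_wildcard" {
  statement {
    effect    = "Allow"
    actions   = ["ec2:AttachNetworkInterface"]
    resources = ["*"]
  }
}

# After: the action is only allowed when the resources it touches carry
# the module's Name tag. ec2:AttachNetworkInterface is evaluated against
# both the instance and the network interface, so both need the tag
# (assumption: the module applies it to both).
data "aws_iam_policy_document" "attach_eni_scoped" {
  statement {
    effect    = "Allow"
    actions   = ["ec2:AttachNetworkInterface"]
    resources = ["*"]

    condition {
      test     = "StringEquals"
      variable = "aws:resourceTag/Name"
      values   = ["nat-instance-${var.name}"]
    }
  }
}

# Hypothetical policy resource wiring the scoped document in.
resource "aws_iam_policy" "attach_eni" {
  name   = "nat-instance-${var.name}-attach-eni"
  policy = data.aws_iam_policy_document.attach_eni_scoped.json
}
```

Because the condition is checked against every resource in the call, an ENI created without the `Name` tag will make the attach fail with an access-denied error; tag the interface at creation time rather than afterwards.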