💼 [CloudFormation.4] CloudFormation stacks should have associated service roles

ID: /frameworks/aws-fsbp-v1.0.0/cloudformation/04

Description

Using service roles with CloudFormation stacks helps implement least privilege access by separating permissions between the user who creates/updates stacks and the permissions needed by CloudFormation to create/update resources. This reduces the risk of privilege escalation and helps maintain security boundaries between different operational roles.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/cloudformation-controls.html#cloudformation-4

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Description​

Similar​

Sub Sections​

Description

Similar

Sub Sections