💼 1.22 Ensure access to AWSCloudShellFullAccess is restricted - Level 1 (Manual)

ID: /frameworks/cis-aws-v3.0.0/01/22

Description

AWS CloudShell is a convenient way of running CLI commands against AWS services; a managed IAM policy ('AWSCloudShellFullAccess') provides full access to CloudShell, which allows file upload and download capability between a user's local system and the CloudShell environment. Within the CloudShell environment a user has sudo permissions, and can access the internet. So it is feasible to install file transfer software (for example) and move data from CloudShell to external internet servers.

Similar

Sections
- /frameworks/cis-aws-v4.0.0/01/22
- /frameworks/cis-aws-v2.0.0/01/22
Internal
- ID: dec-c-001c6aa0

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS AWS v2.0.0 → 💼 1.22 Ensure access to AWSCloudShellFullAccess is restricted - Level 1 (Manual)			1		no data
💼 CIS AWS v4.0.0 → 💼 1.22 Ensure access to AWSCloudShellFullAccess is restricted (Manual)			1		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS AWS v2.0.0 → 💼 1.22 Ensure access to AWSCloudShellFullAccess is restricted - Level 1 (Manual)			1		no data
💼 CIS AWS v4.0.0 → 💼 1.22 Ensure access to AWSCloudShellFullAccess is restricted (Manual)			1		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS IAM AWSCloudShellFullAccess Policy is attached🟢	1	🟢 x6	no data

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​