💼 2.20 Ensure access to AWSCloudShellFullAccess is restricted (Manual)

ID: /frameworks/cis-aws-v7.0.0/02/20

Description

AWS CloudShell is a convenient way of running CLI commands against AWS services. The managed IAM policy AWSCloudShellFullAccess provides full access to CloudShell, including file upload and download capability between a user's local system and the CloudShell environment. Within the CloudShell environment, a user has sudo permissions and can access the internet. It is therefore possible to install software and transfer data to external systems.

Similar

Sections
- /frameworks/cis-aws-v6.0.0/02/21

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS AWS v6.0.0 → 💼 2.21 Ensure access to AWSCloudShellFullAccess is restricted (Manual)			1		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS AWS v6.0.0 → 💼 2.21 Ensure access to AWSCloudShellFullAccess is restricted (Manual)			1		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS IAM AWSCloudShellFullAccess Policy is attached🟢	1	🟢 x6	no data

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​