How to list AWS policies (with resource -* and action contains) attached to an instance profile?

dcpeach ✭✭✭✭✭
edited August 2022 in Asset Management
Able to list the policies but stuck on how to query whether it has resource "*" along with the action.


  • AaronO
    AaronO ✭✭✭
    Hi, thanks for your question! This should find what you're looking for:
    FIND aws_instance as i
      THAT USES aws_iam_role as r
      THAT ASSIGNED AccessPolicy as p
      THAT ALLOWS AS rule *
      WHERE rule.resources='*' AND rule.actions='*'
      r.displayName, i.displayName, i.iaminstanceProfileArn, 
      p.displayName, p.policyName, p.roleName

This Month's Leaders