[GH-ISSUE #107] [Improvement] Refactor current logic for normalizing S3 arns to be least privilege #86

New issue

Open

opened 2026-03-07 19:41:47 +03:00 by kerem · 0 comments

kerem commented

2026-03-07 19:41:47 +03:00

Owner

Originally created by @weibenz1 on GitHub (Jan 15, 2026).
Original GitHub issue: https://github.com/awslabs/iam-policy-autopilot/issues/107

Reference: https://github.com/awslabs/iam-policy-autopilot/pull/104#discussion_r2692235219

We should not replace the prefix that user had in policies with *, which opens up more access.

Originally created by @weibenz1 on GitHub (Jan 15, 2026). Original GitHub issue: https://github.com/awslabs/iam-policy-autopilot/issues/107 Reference: https://github.com/awslabs/iam-policy-autopilot/pull/104#discussion_r2692235219 We should not replace the prefix that user had in policies with `*`, which opens up more access.