← Back to Overview

jenkins-worker-role High Risk

arn:aws:iam::123456789012:role/jenkins-worker-role • Created 12 months ago

Start Remediation

Permission Analysis

Annotation: Breakdown of used vs. unused permissions based on Access Advisor data.
8
Used Services
142
Unused Permissions
Service Granted Access Last Accessed Status
Amazon S3 Full Access 2 hours ago Active
Amazon EC2 Full Access 3 days ago Active
IAM PassRole, CreateUser Never Risk: Overprivileged
Amazon KMS Decrypt, Encrypt 182 days ago Unused

Attached Policies

AdministratorAccess
AWS Managed Policy
Critical
JenkinsS3Access
Customer Managed Policy
Narrow

Risk Indicators

Privilege Escalation

Role can create new IAM users and attach policies.

Excessive Permissions

Role has '*' permission on 12 services not used in 90 days.

Usage Timeline

Annotation: Simple history of recent activity for verification.
  • S3:GetObject
    Today, 10:45 AM
  • EC2:DescribeInstances
    Yesterday, 4:20 PM
  • S3:ListBucket
    Oct 24, 2023

Recommended Action

Remove AdministratorAccess and replace with a scoped policy containing only the 8 used services.

Apply Recommendation