feat(aws): add bedrock_full_access_policy_attached security check#10577

Open
danibarranqueroo wants to merge 3 commits into master from feat/prowler-630-bedrock-full-access-policy-attached

Conversation

@danibarranqueroo
Member

Context

The AmazonBedrockFullAccess AWS-managed policy grants unrestricted access to all Amazon Bedrock actions and resources. If an IAM role with this policy is compromised, an attacker could invoke any model to exfiltrate data or generate harmful content, modify guardrails, logging, and security configurations, or incur significant costs through unrestricted model invocations. Organizations using Bedrock should follow least privilege and avoid attaching this overly broad policy to non-service roles.

Description

This check evaluates all IAM roles (excluding service roles) for attachment of the AmazonBedrockFullAccess managed policy. A role passes if the policy is not attached; it fails if the policy is found among the role's attached policies. The recommended remediation is to detach AmazonBedrockFullAccess and replace it with a scoped custom policy granting only the specific Bedrock actions required, supplemented by permissions boundaries and SCPs.

Steps to review

  1. Review the check implementation at prowler/providers/aws/services/bedrock/bedrock_full_access_policy_attached/
  2. Review the metadata file for correct severity, remediation, and compliance mappings
  3. Review compliance framework mappings in prowler/compliance/aws/ to ensure the check is correctly mapped to relevant requirements
  4. Run the check tests: poetry run pytest tests/providers/aws/services/bedrock/bedrock_full_access_policy_attached/ -v
  5. Run the check against a real environment (if possible):
    prowler aws --check bedrock_full_access_policy_attached

Related Issues

https://prowlerpro.atlassian.net/browse/PROWLER-630

Checklist

Community Checklist
  • This feature/issue is listed in here or roadmap.prowler.com
  • Is it assigned to me, if not, request it via the issue/feature in here or Prowler Community Slack

SDK/CLI

  • Are there new checks included in this PR? Yes
    • If so, do we need to update permissions for the provider? Please review this carefully.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Add new security check bedrock_full_access_policy_attached for aws provider.
Includes check implementation, metadata, and unit tests.
@github-actions github-actions bot added provider/aws Issues/PRs related with the AWS provider compliance Issues/PRs related with the Compliance Frameworks metadata-review labels Apr 6, 2026
@danibarranqueroo danibarranqueroo force-pushed the feat/prowler-630-bedrock-full-access-policy-attached branch from aab49b3 to 7972d61 Compare April 6, 2026 11:07
@github-actions
Contributor

github-actions bot commented Apr 6, 2026

Conflict Markers Resolved

All conflict markers have been successfully resolved in this pull request.

@github-actions
Contributor

github-actions bot commented Apr 6, 2026

✅ All necessary CHANGELOG.md files have been updated.

@github-actions
Contributor

github-actions bot commented Apr 6, 2026

Compliance Mapping Review

This PR adds new checks. Please verify that they have been mapped to the relevant compliance framework requirements.

New checks already mapped in this PR

  • bedrock_full_access_policy_attached (aws): aws_well_architected_framework_security_pillar_aws, c5_aws, iso27001_2022_aws, kisa_isms_p_2023_aws, kisa_isms_p_2023_korean_aws, nist_csf_2.0_aws, secnumcloud_3.2_aws, soc2_aws

Use the no-compliance-check label to skip this check.

@codecov

codecov bot commented Apr 6, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 6.53%. Comparing base (961f9c8) to head (2e3b99f).
⚠️ Report is 3 commits behind head on master.

❗ There is a different number of reports uploaded between BASE (961f9c8) and HEAD (2e3b99f). Click for more details.

HEAD has 1 upload less than BASE
Flag BASE (961f9c8) HEAD (2e3b99f)
api 1 0
@@             Coverage Diff             @@
##           master   #10577       +/-   ##
===========================================
- Coverage   93.55%    6.53%   -87.03%     
===========================================
  Files         225      841      +616     
  Lines       31645    23940     -7705     
===========================================
- Hits        29607     1564    -28043     
- Misses       2038    22376    +20338     
Flag Coverage Δ
api ?
prowler-py3.10-aws 6.53% <100.00%> (?)
prowler-py3.11-aws 6.53% <100.00%> (?)
prowler-py3.12-aws 6.53% <100.00%> (?)


Components Coverage Δ
prowler 6.53% <100.00%> (∅)
api ∅ <ø> (∅)

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 6, 2026

🔒 Container Security Scan

Image: prowler:f39a03b
Last scan: 2026-04-06 15:59:46 UTC

📊 Vulnerability Summary

Severity Count
🔴 Critical 4
Total 4

4 package(s) affected

⚠️ Action Required

Critical severity vulnerabilities detected. These should be addressed before merging:

  • Review the detailed scan results
  • Update affected packages to patched versions
  • Consider using a different base image if updates are unavailable

@danibarranqueroo danibarranqueroo marked this pull request as ready for review April 6, 2026 15:51
@danibarranqueroo danibarranqueroo requested review from a team as code owners April 6, 2026 15:51
Member

@HugoPBrito HugoPBrito left a comment


The check should match the AWS-managed policy by ARN, not only by name.

            report.status = "PASS"
            report.status_extended = f"IAM Role {role.name} does not have AmazonBedrockFullAccess policy attached."
            for policy in role.attached_policies:
                if policy["PolicyName"] == "AmazonBedrockFullAccess":

This check is supposed to detect the AWS-managed AmazonBedrockFullAccess policy, but the current implementation only matches on PolicyName. That can lead to false positives if a customer-managed policy exists with the same name. Matching on PolicyArn makes the check precise and ensures it only flags the AWS-managed policy described in the metadata and remediation.

Suggested change

Current line:
                if policy["PolicyName"] == "AmazonBedrockFullAccess":

Suggested:
            for policy in role.attached_policies:
                if policy["PolicyArn"] == "arn:aws:iam::aws:policy/AmazonBedrockFullAccess":
                    report.status = "FAIL"
                    report.status_extended = f"IAM Role {role.name} has AmazonBedrockFullAccess policy attached."
                    break
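The check logic from the PR description (evaluate every non-service role, FAIL when AmazonBedrockFullAccess is attached) together with the reviewer's point about matching by ARN rather than name, as an added stand-alone example; this is not Prowler's code. The `Role` class, the service-role exclusion by the `/aws-service-role/` path, and the sample roles are assumptions constructed for the example.

```python
from dataclasses import dataclass, field
from typing import Optional

# The AWS-managed policy's ARN has the literal "aws" as its account segment; a customer-managed
# policy that reuses the name AmazonBedrockFullAccess carries an account id there instead.
AWS_MANAGED_BEDROCK_FULL_ACCESS_ARN = "arn:aws:iam::aws:policy/AmazonBedrockFullAccess"
SERVICE_LINKED_ROLE_PATH = "/aws-service-role/"  # path AWS assigns to service-linked roles

@dataclass
class Role:
    """Hypothetical stand-in for the provider's IAM role object (assumption, not Prowler's class)."""
    name: str
    path: str = "/"
    attached_policies: list = field(default_factory=list)  # dicts with PolicyName and PolicyArn

def has_policy_by_name(role: Role) -> bool:
    # Name-only match, as in the reviewed code: also true for a same-named customer policy.
    return any(p["PolicyName"] == "AmazonBedrockFullAccess" for p in role.attached_policies)

def has_policy_by_arn(role: Role) -> bool:
    # ARN match, as suggested in review: true only for the AWS-managed policy.
    return any(p["PolicyArn"] == AWS_MANAGED_BEDROCK_FULL_ACCESS_ARN for p in role.attached_policies)

def evaluate_role(role: Role) -> Optional[tuple]:
    """Return (status, status_extended) for a non-service role; None means the role is skipped."""
    if role.path.startswith(SERVICE_LINKED_ROLE_PATH):  # service-role exclusion by path (assumption)
        return None
    if has_policy_by_arn(role):
        return "FAIL", f"IAM Role {role.name} has AmazonBedrockFullAccess policy attached."
    return "PASS", f"IAM Role {role.name} does not have AmazonBedrockFullAccess policy attached."

def run_check(roles: list) -> dict:
    """Map each evaluated role name to its status; service roles produce no finding."""
    results = {}
    for role in roles:
        outcome = evaluate_role(role)
        if outcome is not None:
            results[role.name] = outcome[0]
    return results

# Constructed sample roles; 123456789012 is a placeholder account id, not real data.
MANAGED = {"PolicyName": "AmazonBedrockFullAccess", "PolicyArn": AWS_MANAGED_BEDROCK_FULL_ACCESS_ARN}
CUSTOMER = {"PolicyName": "AmazonBedrockFullAccess",
            "PolicyArn": "arn:aws:iam::123456789012:policy/AmazonBedrockFullAccess"}
SAMPLE_ROLES = [
    Role("bedrock-admin", attached_policies=[MANAGED]),
    Role("bedrock-scoped", attached_policies=[CUSTOMER]),
    Role("svc-linked-example", path=SERVICE_LINKED_ROLE_PATH, attached_policies=[MANAGED]),
]
```

The `bedrock-scoped` role shows the false positive the reviewer describes: the name check flags it, the ARN check does not.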

Labels

compliance Issues/PRs related with the Compliance Frameworks metadata-review provider/aws Issues/PRs related with the AWS provider

2 participants