prowler-cloud · danibarranqueroo · Apr 6, 2026 · Apr 6, 2026 · Apr 6, 2026 · HugoPBrito
@@ -19,6 +19,7 @@ All notable changes to the **Prowler SDK** are documented in this file.
 - `entra_conditional_access_policy_device_registration_mfa_required` check and `entra_intune_enrollment_sign_in_frequency_every_time` enhancement for M365 provider [(#10222)](https://github.com/prowler-cloud/prowler/pull/10222)
 - `entra_conditional_access_policy_block_elevated_insider_risk` check for M365 provider [(#10234)](https://github.com/prowler-cloud/prowler/pull/10234)
 - `Vercel` provider support with 30 checks [(#10189)](https://github.com/prowler-cloud/prowler/pull/10189)
+- `bedrock_full_access_policy_attached` check for AWS provider [(#10577)](https://github.com/prowler-cloud/prowler/pull/10577)
 
 ### 🔄 Changed
 

@@ -344,6 +344,7 @@
         }
       ],
       "Checks": [
+        "bedrock_full_access_policy_attached",
         "ec2_instance_profile_attached",
         "iam_aws_attached_policy_no_administrative_privileges",
         "iam_customer_attached_policy_no_administrative_privileges",

@@ -5568,6 +5568,7 @@
         }
       ],
       "Checks": [
+        "bedrock_full_access_policy_attached",
         "iam_policy_allows_privilege_escalation",
         "iam_role_administratoraccess_policy",
         "iam_policy_cloudshell_admin_not_attached",

@@ -970,6 +970,7 @@
         }
       ],
       "Checks": [
+        "bedrock_full_access_policy_attached",
         "ec2_instance_profile_attached",
         "iam_aws_attached_policy_no_administrative_privileges",
         "iam_customer_attached_policy_no_administrative_privileges",

@@ -1389,6 +1389,7 @@
       "Checks": [
         "accessanalyzer_enabled",
         "accessanalyzer_enabled_without_findings",
+        "bedrock_full_access_policy_attached",
         "iam_administrator_access_with_mfa",
         "iam_avoid_root_usage",
         "iam_aws_attached_policy_no_administrative_privileges",

@@ -1389,6 +1389,7 @@
       "Checks": [
         "accessanalyzer_enabled",
         "accessanalyzer_enabled_without_findings",
+        "bedrock_full_access_policy_attached",
         "iam_administrator_access_with_mfa",
         "iam_avoid_root_usage",
         "iam_aws_attached_policy_no_administrative_privileges",

@@ -784,6 +784,7 @@
         "iam_customer_attached_policy_no_administrative_privileges",
         "iam_customer_unattached_policy_no_administrative_privileges",
         "accessanalyzer_enabled_without_findings",
+        "bedrock_full_access_policy_attached",
         "eventbridge_bus_cross_account_access",
         "eventbridge_bus_exposed",
         "iam_policy_no_full_access_to_cloudtrail",

@@ -311,14 +311,15 @@
         }
       ],
       "Checks": [
-        "iam_policy_allows_privilege_escalation",
+        "accessanalyzer_enabled",
+        "bedrock_full_access_policy_attached",
+        "iam_group_administrator_access_policy",
         "iam_inline_policy_allows_privilege_escalation",
         "iam_no_custom_policy_permissive_role_assumption",
-        "iam_user_two_active_access_key",
-        "accessanalyzer_enabled",
+        "iam_policy_allows_privilege_escalation",
         "iam_role_administratoraccess_policy",
         "iam_user_administrator_access_policy",
-        "iam_group_administrator_access_policy"
+        "iam_user_two_active_access_key"
       ]
     },
     {

@@ -205,6 +205,7 @@
         }
       ],
       "Checks": [
+        "bedrock_full_access_policy_attached",
         "iam_aws_attached_policy_no_administrative_privileges",
         "iam_customer_attached_policy_no_administrative_privileges",
         "iam_inline_policy_no_administrative_privileges"

@@ -0,0 +1,43 @@
+{
+  "Provider": "aws",
+  "CheckID": "bedrock_full_access_policy_attached",
+  "CheckTitle": "IAM role does not have AmazonBedrockFullAccess managed policy attached",
+  "CheckType": [
+    "Software and Configuration Checks/AWS Security Best Practices",
+    "Software and Configuration Checks/Industry and Regulatory Standards/AWS Foundational Security Best Practices"
+  ],
+  "ServiceName": "bedrock",
+  "SubServiceName": "",
+  "ResourceIdTemplate": "",
+  "Severity": "high",
+  "ResourceType": "AwsIamRole",
+  "ResourceGroup": "IAM",
+  "Description": "**IAM roles** (excluding service roles) are evaluated for attachment of the AWS-managed `AmazonBedrockFullAccess` policy.\n\nThis policy grants unrestricted access to all Amazon Bedrock actions and resources.",
+  "Risk": "The `AmazonBedrockFullAccess` policy grants broad permissions across all Bedrock resources. If a role with this policy is compromised, an attacker could:\n- Invoke any model to exfiltrate data or generate harmful content\n- Modify guardrails, logging, and security configurations\n- Incur significant costs through unrestricted model invocations",
+  "RelatedUrl": "",
+  "AdditionalURLs": [
+    "https://docs.aws.amazon.com/bedrock/latest/userguide/security-iam.html",
+    "https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege"
+  ],
+  "Remediation": {
+    "Code": {
+      "CLI": "aws iam detach-role-policy --role-name <ROLE_NAME> --policy-arn arn:aws:iam::aws:policy/AmazonBedrockFullAccess",
+      "NativeIaC": "```yaml\n# CloudFormation: IAM Role without AmazonBedrockFullAccess\nResources:\n  <example_resource_name>:\n    Type: AWS::IAM::Role\n    Properties:\n      AssumeRolePolicyDocument:\n        Version: '2012-10-17'\n        Statement:\n          - Effect: Allow\n            Principal:\n              Service: ec2.amazonaws.com\n            Action: sts:AssumeRole\n      ManagedPolicyArns: []  # Critical: ensure AmazonBedrockFullAccess is NOT attached\n```",
+      "Other": "1. Open the AWS Console and go to IAM > Roles\n2. Select the role flagged by the check\n3. On the Permissions tab, find \"AmazonBedrockFullAccess\" under Attached policies\n4. Click Detach next to \"AmazonBedrockFullAccess\"\n5. Confirm the detach\n6. Attach a scoped policy granting only required Bedrock actions",
+      "Terraform": "```hcl\n# IAM Role without AmazonBedrockFullAccess\nresource \"aws_iam_role\" \"<example_resource_name>\" {\n  assume_role_policy = <<POLICY\n{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [{\n    \"Effect\": \"Allow\",\n    \"Principal\": {\"Service\": \"ec2.amazonaws.com\"},\n    \"Action\": \"sts:AssumeRole\"\n  }]\n}\nPOLICY\n\n  managed_policy_arns = []  # Critical: ensures AmazonBedrockFullAccess is NOT attached\n}\n```"
+    },
+    "Recommendation": {
+      "Text": "Apply **least privilege**: replace `AmazonBedrockFullAccess` with a custom policy granting only the specific Bedrock actions required.\n\nUse **permissions boundaries** and **SCPs** to limit the scope of Bedrock permissions. Regularly review access with **IAM Access Analyzer** to identify and remove unused privileges.",
+      "Url": "https://hub.prowler.com/check/bedrock_full_access_policy_attached"
+    }
+  },
+  "Categories": [
+    "gen-ai",
+    "identity-access"
+  ],
+  "DependsOn": [],
+  "RelatedTo": [
+    "iam_role_administratoraccess_policy"
+  ],
+  "Notes": ""
+}
@@ -0,0 +1,37 @@
+from prowler.lib.check.models import Check, Check_Report_AWS
+from prowler.providers.aws.services.iam.iam_client import iam_client
+
+
+class bedrock_full_access_policy_attached(Check):
+    """Ensure that IAM roles do not have the AmazonBedrockFullAccess managed policy attached.
+
+    This check evaluates whether IAM roles (excluding service roles) have the
+    AmazonBedrockFullAccess AWS-managed policy attached, which grants excessive
+    permissions and violates the principle of least privilege.
+    - PASS: The IAM role does not have the AmazonBedrockFullAccess policy attached.
+    - FAIL: The IAM role has the AmazonBedrockFullAccess policy attached.
+    """
+
+    def execute(self) -> list[Check_Report_AWS]:
+        """Execute the check logic.
+
+        Returns:
+            A list of reports containing the result of the check.
+        """
+        findings = []
+        if iam_client.roles:
+            for role in iam_client.roles:
+                if not role.is_service_role:
+                    report = Check_Report_AWS(
+                        metadata=self.metadata(), resource=role
+                    )
+                    report.region = iam_client.region
+                    report.status = "PASS"
+                    report.status_extended = f"IAM Role {role.name} does not have AmazonBedrockFullAccess policy attached."
+                    for policy in role.attached_policies:
+                        if policy["PolicyName"] == "AmazonBedrockFullAccess":
-                        if policy["PolicyName"] == "AmazonBedrockFullAccess":
+for policy in role.attached_policies:
+    if policy["PolicyArn"] == "arn:aws:iam::aws:policy/AmazonBedrockFullAccess":
+        report.status = "FAIL"
+        report.status_extended = f"IAM Role {role.name} has AmazonBedrockFullAccess policy attached."
+        break
-                        if policy["PolicyName"] == "AmazonBedrockFullAccess":
+for policy in role.attached_policies:
+    if policy["PolicyArn"] == "arn:aws:iam::aws:policy/AmazonBedrockFullAccess":
+        report.status = "FAIL"
+        report.status_extended = f"IAM Role {role.name} has AmazonBedrockFullAccess policy attached."
+        break
+                            report.status = "FAIL"
+                            report.status_extended = f"IAM Role {role.name} has AmazonBedrockFullAccess policy attached."
+                            break
+                    findings.append(report)
+        return findings