Severity : MediumDescription : Admins in an account should be assumed by people. This rule detects IAM Roles that can be granted to EC2s and other services, that has admin privileges.Critical
Description: This control ensures that there are no IAM policies exists that allows full administrative privileges. Providing full administrative privileges instead of restricting to the minimum set of permissions that the user is required to do exposes the resources to potentially unwanted actions. Policies that have a statement with "Effect": "Allow" with Admin privilege should be updated to allow limited actions. Best security practice recommend using least privilege or only the permission required to perform the task.
...