This issue has been resolved with today's e-deploy. If you encounter any issues with this signature, please contact email@example.com.
Posted Aug 15, 2018 - 12:52 PDT
An issue has been identified with AWS:IAM-011 where a false alert is generated if the Evident Service Role was set to use the AWS SecurityAudit policy. AWS updated the SecurityAudit policy on 7/30/18, which included 3 additional roles that the current signature does not account for. A fix is being worked on and expected soon. If you have any questions please contact us at https://support.paloaltonetworks.com.