AWS:IAM-011 may generate false positives
This issue has been resolved with today's e-deploy. If you encounter any issues with this signature, please contact
Posted Aug 15, 2018 - 12:52 PDT
An issue has been identified with AWS:IAM-011 where a false alert is generated if the Evident Service Role was set to use the AWS SecurityAudit policy. AWS updated the SecurityAudit policy on 7/30/18, which included 3 additional roles that the current signature does not account for. A fix is being worked on and expected soon. If you have any questions please contact us at
Posted Aug 14, 2018 - 10:56 PDT
This incident affected: Evident Scanning Engine.