Infrastructure Modification

This policy allows "Infrastructure Modification" actions. Infrastructure Modification describes IAM actions with "modify" capabilities, and can therefore lead to Resource Hijacking, unauthorized creation of Infrastructure, Backdoor creation, and/or modification of existing resources which can result in downtime.

For example, ec2:AuthorizeSecurityGroupIngress grants the permission to add one or more inbound rules to a security group; malicious usage of this IAM action could potentially lead to downtime or unintentional exposure of compute resources.