Plugin Title No User IAM Policies
Cloud AWS
Category IAM
Description Ensures IAM policies are not connected directly to IAM users
More Info To reduce management complexity, IAM permissions should only be assigned to roles and groups. Users can then be added to those groups. Policies should not be applied directly to a user.
AWS Link http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#use-groups-for-permissions
Recommended Action Create groups with the required policies, move the IAM users to the applicable groups, and then remove the inline and directly attached policies from the IAM user.


Detailed Remediation Steps

Want to scan for this risk automatically?

Get Started Now