AWS-IAM-No-User-IAM-Policies

Severity: Medium

Description: This control ensures that no managed policies are attached directly to IAM users. Attaching managed policies directly to an IAM user adds another layer that must be monitored for permission misconfiguration. Assigning permissions through groups is recommended because permission assignment is unified in a single layer and the chance of excessive permission assignment is reduced.

Remediation Steps:

Perform the following to update the IAM policy for an IAM user:

  1. Log in to the AWS Management Console at https://console.aws.amazon.com.

  2. Navigate to the IAM console.

  3. In the left pane, click Users.

  4. Click the user to remediate.

  5. Under the Permissions tab, in the Permission Policies section,

  6. Click the X button for each managed policy to remove the policy.

  7. Click Detach.
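
The check and the detach step above can also be evaluated offline. The following is an added example, not code from the original page or from Blue Hexagon: it assumes the input has the shape returned by `aws iam get-account-authorization-details --filter User`, uses a constructed sample, and adds a `has_groups` flag (an assumption of this example) so that users who would be left with no permissions after detaching are visible first.

```python
import json
import shlex

# Constructed sample in the shape returned by
# `aws iam get-account-authorization-details --filter User`; not real account data.
SAMPLE = json.loads("""
{"UserDetailList": [
  {"UserName": "alice", "GroupList": ["Developers"], "AttachedManagedPolicies": []},
  {"UserName": "bob", "GroupList": [],
   "AttachedManagedPolicies": [
     {"PolicyName": "AmazonS3FullAccess", "PolicyArn": "arn:aws:iam::aws:policy/AmazonS3FullAccess"}]},
  {"UserName": "carol", "GroupList": ["Ops"],
   "AttachedManagedPolicies": [
     {"PolicyName": "ReadOnlyAccess", "PolicyArn": "arn:aws:iam::aws:policy/ReadOnlyAccess"},
     {"PolicyName": "ExamplePolicy", "PolicyArn": "arn:aws:iam::111122223333:policy/ExamplePolicy"}]}
]}
""")


def find_violations(auth_details):
    """Return one finding per IAM user with managed policies attached directly."""
    findings = []
    for user in auth_details.get("UserDetailList", []):
        attached = user.get("AttachedManagedPolicies") or []
        if not attached:
            continue  # compliant: permissions, if any, come from groups
        findings.append({
            "user": user["UserName"],
            "policy_arns": [p["PolicyArn"] for p in attached],
            # A user in no group loses these permissions entirely once detached,
            # so place the user in a suitable group before remediating.
            "has_groups": bool(user.get("GroupList")),
        })
    return findings


def remediation_commands(findings):
    """Build the AWS CLI equivalent of the console Detach step for each finding."""
    return [
        f"aws iam detach-user-policy --user-name {shlex.quote(f['user'])} --policy-arn {shlex.quote(arn)}"
        for f in findings
        for arn in f["policy_arns"]
    ]


if __name__ == "__main__":
    for f in find_violations(SAMPLE):
        print("FAIL", f["user"], f["policy_arns"], "in groups:", f["has_groups"])
    print("\n".join(remediation_commands(find_violations(SAMPLE))))
```

To run it against a real account, replace `SAMPLE` with the parsed JSON saved from the CLI command named above.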

Important:

Reference:


Blue Hexagon Proprietary