AWS-IAM-IAM-User-Unauthorized-to-Edit

Severity : High

Description: This control identifies IAM users who are authorized to edit IAM policies, so that those permissions can be decommissioned to protect against unapproved access. Allowing unauthorized IAM users to edit access policies can lead to security breaches. To prevent unauthorized requests to edit IAM access policies, this permission must be restricted to trusted IAM users only. Otherwise, any IAM user with permission to edit IAM access policies is a security risk.

Remediation Steps:

Perform the following steps to update the IAM policy for the IAM user:

  1. Log in to the AWS Management Console at https://console.aws.amazon.com.

  2. Navigate to the IAM console.

  3. In the navigation pane, click Users.

  4. Click the name of the IAM user whose access permissions need to be removed.

  5. On the IAM user configuration page, select the Permissions tab.

  6. Find the access policy that grants the user the editing permissions and click the X next to the policy to remove it.

  7. Click Remove to confirm the removal.
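The check this control performs, and the lookup behind step 6 (which of a user's policies grants policy-editing rights), as an added example that is not part of this page or of the product's own code. It evaluates IAM policy documents offline; the action set, the helper names and the sample inventory are assumptions chosen for the example.

```python
import fnmatch
# IAM actions that create or change access policies (set chosen for this
# example; extend it to match the control's own list).
POLICY_EDIT_ACTIONS = frozenset({
    "iam:CreatePolicy", "iam:CreatePolicyVersion", "iam:DeletePolicy",
    "iam:DeletePolicyVersion", "iam:SetDefaultPolicyVersion",
    "iam:PutUserPolicy", "iam:PutGroupPolicy", "iam:PutRolePolicy",
    "iam:AttachUserPolicy", "iam:AttachGroupPolicy", "iam:AttachRolePolicy"})

def _as_list(value):  # policy JSON allows a string or a list in most fields
    return value if isinstance(value, list) else [value]

def _matches(action, patterns):  # case-insensitive IAM wildcard match
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)

def policy_edit_actions_granted(policy_doc):
    """Policy-editing actions one policy document allows. Handles Action/NotAction
    and wildcards ('*', 'iam:*', 'iam:Put*'). A Deny cancels an Allow only when it
    is unconditional and on Resource '*', so a narrower Deny never hides a finding."""
    allowed, denied = set(), set()
    for stmt in _as_list(policy_doc.get("Statement", [])):
        if "Action" in stmt:
            hit = {a for a in POLICY_EDIT_ACTIONS if _matches(a, _as_list(stmt["Action"]))}
        else:
            hit = {a for a in POLICY_EDIT_ACTIONS
                   if not _matches(a, _as_list(stmt.get("NotAction", [])))}
        if stmt.get("Effect") == "Allow":
            allowed |= hit
        elif "Condition" not in stmt and "*" in _as_list(stmt.get("Resource", [])):
            denied |= hit
    return allowed - denied

def users_authorized_to_edit_policies(user_policies):
    """{user: {policy name: sorted editing actions}}, listing only offending policies."""
    findings = {}
    for user, policies in user_policies.items():
        hits = {name: sorted(g) for name, doc in policies.items()
                if (g := policy_edit_actions_granted(doc))}
        if hits:
            findings[user] = hits
    return findings

# Constructed sample inventory (hypothetical users): {user: {policy name: document}}.
SAMPLE_USER_POLICIES = {
    "deploy-bot": {
        "S3Read": {"Statement": {"Effect": "Allow", "Action": "s3:GetObject", "Resource": "*"}},
        "InlineIamPut": {"Statement": {"Effect": "Allow", "Action": "iam:Put*", "Resource": "*"}}},
    "auditor": {
        "ReadOnly": {"Statement": {"Effect": "Allow", "Action": ["iam:Get*", "iam:List*"], "Resource": "*"}}},
}
```

Running `users_authorized_to_edit_policies(SAMPLE_USER_POLICIES)` reports only `deploy-bot` and names `InlineIamPut` as the policy to remove in step 6; the read-only `auditor` user is not flagged.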

Important:

Reference:


Blue Hexagon Proprietary