Low IAM

IAM users should not have IAM policies attached

PCI DSS, CIS, NIST, ISO 27001, HIPAA

Description

Checks whether your IAM users have policies directly attached. The control fails if any IAM user has a policy attached.


Remediation

To ensure IAM users do not have IAM policies attached, follow these steps:

Steps

  1. Log into the AWS Management Console with an account that has administrative privileges.
  2. Navigate to the IAM dashboard and select 'Users' from the navigation pane.
  3. Review each IAM user to identify if any IAM policies are directly attached.
  4. For users with directly attached policies, click on the user name to view their permissions.
  5. In the 'Permissions' tab, identify and detach any directly attached policies.
  6. As a best practice, use IAM groups or roles to assign permissions. Attach the necessary policies to these groups or roles instead of directly to users.
  7. Add the IAM users to the appropriate groups or assign them the appropriate roles to ensure they have the necessary permissions.
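The review in steps 3 to 5 can also be run offline against an account export. The following is an added example, not part of the original control text: it assumes input in the shape returned by `aws iam get-account-authorization-details --filter User`, treats inline user policies as attached policies (an assumption), and flags users with no group membership, who would lose their own permissions if policies were detached before steps 6 and 7. The function names and sample users are hypothetical.

```python
import json

# Constructed sample in the shape of
# `aws iam get-account-authorization-details --filter User`; users are made up.
SAMPLE = json.loads("""
{"UserDetailList": [
  {"UserName": "alice", "GroupList": ["Developers"],
   "AttachedManagedPolicies": [], "UserPolicyList": []},
  {"UserName": "bob", "GroupList": ["Ops"], "UserPolicyList": [],
   "AttachedManagedPolicies": [{"PolicyName": "AmazonS3ReadOnlyAccess",
     "PolicyArn": "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"}]},
  {"UserName": "ci-deploy", "GroupList": [], "AttachedManagedPolicies": [],
   "UserPolicyList": [{"PolicyName": "inline-deploy"}]}
]}
""")


def evaluate_users(details):
    """Return one finding per IAM user that carries a directly attached policy."""
    findings = []
    for user in details.get("UserDetailList", []):
        managed = [p["PolicyArn"] for p in user.get("AttachedManagedPolicies", [])]
        inline = [p["PolicyName"] for p in user.get("UserPolicyList", [])]
        if not managed and not inline:
            continue  # passes: nothing is attached directly to this user
        groups = user.get("GroupList", [])
        findings.append({
            "user": user["UserName"],
            "managed": managed,
            "inline": inline,
            "groups": groups,
            # No group membership: detaching now would strip the user's
            # identity-based permissions, so assign a group first.
            "needs_group_first": not groups,
        })
    return findings


def report(findings):
    """Format findings as one FAIL line per user."""
    lines = []
    for f in findings:
        note = ("add to a group before detaching" if f["needs_group_first"]
                else "member of " + ", ".join(f["groups"]))
        lines.append(f"FAIL {f['user']}: {len(f['managed'])} managed, "
                     f"{len(f['inline'])} inline ({note})")
    return lines


if __name__ == "__main__":
    print("\n".join(report(evaluate_users(SAMPLE))) or "PASS")
```
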

Compliance

PCI DSS, CIS, NIST, ISO 27001, HIPAA