Aqua CSPM

No User IAM Policies

Quick Info

Plugin Title: No User IAM Policies
Cloud: AWS
Category: IAM
Description: Ensures IAM policies are not connected directly to IAM users
More Info: To reduce management complexity, IAM permissions should only be assigned to roles and groups. Users can then be added to those groups. Policies should not be applied directly to a user.
AWS Link: http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#use-groups-for-permissions
Recommended Action: Create groups with the required policies, move the IAM users to the applicable groups, and then remove the inline and directly attached policies from the IAM user.
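
An added example, not Aqua's plugin code: the check described above, evaluated offline over a constructed sample shaped like the output of `aws iam get-account-authorization-details --filter User`. The function names and the sample users are hypothetical.

```python
import json

# Constructed sample; real input would be the saved JSON output of
# `aws iam get-account-authorization-details --filter User`.
SAMPLE = json.loads("""
{"UserDetailList": [
  {"UserName": "alice", "GroupList": ["developers"],
   "UserPolicyList": [], "AttachedManagedPolicies": []},
  {"UserName": "bob", "GroupList": [],
   "UserPolicyList": [{"PolicyName": "s3-inline", "PolicyDocument": {}}],
   "AttachedManagedPolicies": [
     {"PolicyName": "ReadOnlyAccess",
      "PolicyArn": "arn:aws:iam::aws:policy/ReadOnlyAccess"}]},
  {"UserName": "carol", "GroupList": ["ops"]}
]}
""")


def audit_users(details):
    """Return one finding per IAM user.

    A user FAILs when any inline policy (UserPolicyList) or managed policy
    (AttachedManagedPolicies) sits directly on the user. Policies inherited
    through groups are not counted, matching the recommended layout.
    """
    findings = []
    for user in details.get("UserDetailList", []):
        # Either key may be absent when the user has no such policies.
        inline = [p["PolicyName"] for p in user.get("UserPolicyList") or []]
        attached = [p["PolicyArn"] for p in user.get("AttachedManagedPolicies") or []]
        findings.append({
            "user": user["UserName"],
            "status": "FAIL" if inline or attached else "PASS",
            "inline": inline,
            "attached": attached,
            # Current groups, useful when planning the move to group policies.
            "groups": user.get("GroupList") or [],
        })
    return findings


def failing_users(details):
    """Sorted names of users that carry policies directly."""
    return sorted(f["user"] for f in audit_users(details) if f["status"] == "FAIL")


if __name__ == "__main__":
    for f in audit_users(SAMPLE):
        print(f["status"], f["user"], f["inline"] + f["attached"])
```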

Detailed Remediation Steps