UNKNOWN
Source
CloudSploit
ID
empty-groups

Empty Groups

Ensures all groups have at least one member

While having empty groups does not present a direct security risk, it does broaden the management landscape which could potentially introduce risks in the future.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log into the AWS Management Console.

  2. Select the “Services” option and search for IAM. Step

  3. Scroll down the left navigation panel and choose “Groups”. Step

  4. Under the “Groups” configuration panel check the “Users” column.If the “Users” column won’t have any user make sure to delete that “Group” as it could potentially introduce risks in the future. Step

  5. Repeat steps number 3 and 4 to verify other “Groups” with at least one user.

  6. Click on the “Groups” in the left navigation panel and select the “Group” with no user.Step

  7. Select “Group Actions” option from the top menu and click on the “Delete Group” to delete the selected “Group”.Step

  8. Click on the “Yes,Delete” button in the “Delete Group” tab to delete the selected “Group”.Step