LOW
Source: CloudSploit
ID: group-inline-policies

Group Inline Policies

Ensures that groups do not have any inline policies

Managed Policies are recommended over inline policies.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log in to the AWS Management Console.

  2. Select the “Services” option and search for IAM.

  3. Scroll down the left navigation panel and choose “User groups”.

  4. In the “User groups” page, click on the “Group name” to expand the respective attributes.

  5. In the “User groups” summary page, click on the “Permissions” tab and check for attached inline policies.

  6. Repeat steps 2 - 5 to check other “User groups” in the account.

  7. Navigate to IAM dashboard at https://console.aws.amazon.com/iam/.

  8. In the “IAM dashboard”, click on the “User groups” option at the left navigation panel.

  9. In the “User groups” page, select the group name for which inline policies need to be removed.

  10. Select the inline policy by selecting the checkbox and click on the “Remove” button under the “Permissions” tab.

  11. On the “Remove” tab, enter the inline policy name and click on the “Delete” button to remove the inline policy.

  12. Repeat steps 7 - 11 to remove inline policies attached to other groups.
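
The same check and removal can be scripted across every group in the account. This is an added example, not CloudSploit's own code: it assumes the boto3 SDK and credentials allowed to call iam:ListGroups, iam:ListGroupPolicies, iam:GetGroupPolicy and iam:DeleteGroupPolicy, and the function names are illustrative. It defaults to a dry run and captures each policy document before deletion so the permissions can be recreated as a managed policy.

```python
"""Audit IAM groups for inline policies (added example, not CloudSploit code)."""


def find_group_inline_policies(iam):
    """Return {group_name: [inline_policy_name, ...]} for groups that have any.

    `iam` is assumed to be a boto3 IAM client. Paginators are used because
    both list calls are truncated in accounts with many groups or policies.
    """
    findings = {}
    for page in iam.get_paginator("list_groups").paginate():
        for group in page["Groups"]:
            name = group["GroupName"]
            policies = []
            pager = iam.get_paginator("list_group_policies")
            for policy_page in pager.paginate(GroupName=name):
                policies.extend(policy_page["PolicyNames"])
            if policies:
                findings[name] = sorted(policies)
    return findings


def remove_group_inline_policies(iam, findings, dry_run=True):
    """Back up, then (unless dry_run) delete every inline policy in `findings`.

    Returns the backups so the policy documents are not lost with the delete.
    """
    backups = []
    for group, policies in findings.items():
        for policy in policies:
            resp = iam.get_group_policy(GroupName=group, PolicyName=policy)
            backups.append({
                "GroupName": group,
                "PolicyName": policy,
                "PolicyDocument": resp["PolicyDocument"],
            })
            if not dry_run:
                iam.delete_group_policy(GroupName=group, PolicyName=policy)
    return backups


if __name__ == "__main__":
    import json
    import boto3  # assumption: installed and configured with AWS credentials

    client = boto3.client("iam")
    found = find_group_inline_policies(client)
    # Dry run: prints what would be removed, deletes nothing.
    print(json.dumps(remove_group_inline_policies(client, found), indent=2))
```

An empty result from `find_group_inline_policies` corresponds to a passing check; rerun it after removal to confirm.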