IAM Policies

How to Use this Page

This page lists the AWS IAM policies that Bridgecrew helps you enforce. You can browse the page or search for a specific policy ID or short title. For each policy, follow its link for details and remediation options.

Avoid Account Root User
Violation ID: BC_AWS_IAM_1

MFA Enabled for IAM Users
Violation ID: BC_AWS_IAM_2

Disable Credentials Unused for 90 Days
Violation ID: BC_AWS_IAM_3

Access Key Rotation
Violation ID: BC_AWS_IAM_4

IAM Password Policy - Uppercase Letter
Violation ID: BC_AWS_IAM_5

IAM Password Policy - Lowercase Letter
Violation ID: BC_AWS_IAM_6

IAM Password Policy - Symbols
Violation ID: BC_AWS_IAM_7

IAM Password Policy - Numbers
Violation ID: BC_AWS_IAM_8

IAM Password Policy - Minimum Length
Violation ID: BC_AWS_IAM_9

IAM Password Policy - No Reuse
Violation ID: BC_AWS_IAM_10

IAM Password Policy - 90 Days
Violation ID: BC_AWS_IAM_11

Avoid Root Account Access Key
Violation ID: BC_AWS_IAM_12

Enable MFA for Root Account
Violation ID: BC_AWS_IAM_13

Enable Root Account Hardware MFA
Violation ID: BC_AWS_IAM_14

Security Questions Registered
Violation ID: BC_AWS_IAM_15

IAM Policy Privileges
Violation ID: BC_AWS_IAM_16

Enable Detailed Billing
Violation ID: BC_AWS_IAM_17

Maintain Contact Details
Violation ID: BC_AWS_IAM_18

Security Contact Information Registered
Violation ID: BC_AWS_IAM_19

AWS Resource Access
Violation ID: BC_AWS_IAM_20

AWS Support Role
Violation ID: BC_AWS_IAM_21

Access Key Check
Violation ID: BC_AWS_IAM_22

Full Admin Privileges Check
Violation ID: BC_AWS_IAM_23

Rotate Access Keys - 30 Days
Violation ID: BC_AWS_IAM_24

Rotate Access Keys - 45 Days
Violation ID: BC_AWS_IAM_25

Access Key Inactivity - 90 Days
Violation ID: BC_AWS_IAM_29

User Inactivity - 30 Days
Violation ID: BC_AWS_IAM_30

Remove Unused Roles
Violation ID: BC_AWS_IAM_34

Remove Unused User
Violation ID: BC_AWS_IAM_35

Remove Unused Admin Role
Violation ID: BC_AWS_IAM_36

Remove Unused Admin User
Violation ID: BC_AWS_IAM_37

Remove Empty Groups
Violation ID: BC_AWS_IAM_38

Remove Unattached Policies
Violation ID: BC_AWS_IAM_39

Detach Policies Unused by User
Violation ID: BC_AWS_IAM_40

Detach Policies Unused by Role
Violation ID: BC_AWS_IAM_41

Detach Policies Unused by Group
Violation ID: BC_AWS_IAM_42

No Policies Allow "*"
Violation ID: BC_AWS_IAM_43

Ensure IAM Role Assumes Specific Services and Principals
Violation ID: BC_AWS_IAM_44

Ensure IAM Role Assumes Specific Principals in Account
Violation ID: BC_AWS_IAM_45

IAM Modification Detected
Violation ID: BC_AWS_ALERT_5

Updated 22 days ago

