Ensure unattached policies are removed

Error: Unattached policies are not removed

Bridgecrew Policy ID: BC_AWS_IAM_39
Severity: LOW



AWS IAM policies control access permissions for each IAM user, role and group created in your AWS account. An unattached policy is defined as a policy that does not have any principals attached to it.

We recommend that you track which policies are in use and which are not, and remove unattached ones, so that a stale policy cannot later be attached and lead to unauthorized access.

Fix - Runtime

CLI Command

To remove a policy, use the following command:

aws iam delete-policy --policy-arn <value>
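The remediation above deletes one policy by ARN; in practice a team first has to decide which customer-managed policies are truly unused and then run the deletions in the order IAM requires. The following is an added example, not part of the Bridgecrew page: it triages the JSON that `aws iam list-policies --scope Local --output json` returns (the sample listing and version ids below are constructed) and emits the CLI commands for each candidate.

```python
"""Triage unattached customer-managed IAM policies and build their removal commands."""
import json

# Constructed sample of `aws iam list-policies --scope Local --output json` output.
# Account id and policy names are placeholders.
SAMPLE_LIST_POLICIES = json.loads("""{
  "Policies": [
    {"PolicyName": "app-read", "Arn": "arn:aws:iam::111111111111:policy/app-read",
     "AttachmentCount": 2, "PermissionsBoundaryUsageCount": 0, "DefaultVersionId": "v1"},
    {"PolicyName": "old-deploy", "Arn": "arn:aws:iam::111111111111:policy/old-deploy",
     "AttachmentCount": 0, "PermissionsBoundaryUsageCount": 0, "DefaultVersionId": "v3"},
    {"PolicyName": "dev-boundary", "Arn": "arn:aws:iam::111111111111:policy/dev-boundary",
     "AttachmentCount": 0, "PermissionsBoundaryUsageCount": 4, "DefaultVersionId": "v1"}
  ]
}""")


def find_unattached(listing):
    """Return ARNs of policies with no principal attached and no permissions-boundary use.

    AttachmentCount alone is not a safe signal: a policy used only as a permissions
    boundary reports AttachmentCount 0 but is still in effect, so it is kept.
    """
    return [p["Arn"] for p in listing["Policies"]
            if p["AttachmentCount"] == 0 and p.get("PermissionsBoundaryUsageCount", 0) == 0]


def deletion_commands(arn, version_ids, default_version_id):
    """Build the CLI commands that remove one policy, in the order IAM requires.

    `aws iam delete-policy` is rejected while non-default versions exist, so each of
    them is removed with `delete-policy-version` first; the default version is
    removed together with the policy itself.
    """
    cmds = [f"aws iam delete-policy-version --policy-arn {arn} --version-id {vid}"
            for vid in version_ids if vid != default_version_id]
    cmds.append(f"aws iam delete-policy --policy-arn {arn}")
    return cmds


if __name__ == "__main__":
    for arn in find_unattached(SAMPLE_LIST_POLICIES):
        # Real version ids come from `aws iam list-policy-versions --policy-arn <arn>`;
        # the list here is constructed for the sample.
        for cmd in deletion_commands(arn, ["v1", "v2", "v3"], "v3"):
            print(cmd)
```

Review the printed commands before running them; the script itself makes no API calls.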