Ensure unattached policies are removed
Error: Unattached policies are not removed
Bridgecrew Policy ID: BC_AWS_IAM_39
Unattached policies are not removed
AWS IAM policies control access permissions for each IAM user, role and group created in your AWS account. An unattached policy is defined as a policy that does not have any principals attached to it.
We recommend tracking which policies are and are not in use, to prevent accidental changes that could later lead to unauthorized access.
Fix - Runtime
To remove a policy, use the following command:
aws iam delete-policy --policy-arn <value>
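The script below is an added example, not part of the original Bridgecrew page. It lists customer-managed policies that have no attachments and removes each one, deleting non-default versions first because delete-policy is rejected while they exist. The function names and the DRY_RUN variable are assumptions of this example.

```bash
# Added example (not Bridgecrew's code). Function names and DRY_RUN are
# assumptions of this example. DRY_RUN=1 (the default) only prints commands.

# Print the ARN of every customer-managed policy (--scope Local) that has no
# attached principal and is not in use as a permissions boundary, one per line.
list_unattached_policies() {
  aws iam list-policies --scope Local \
    --query 'Policies[?AttachmentCount==`0` && PermissionsBoundaryUsageCount==`0`].Arn' \
    --output text | tr '\t' '\n' | sed '/^$/d;/^None$/d'
}

# Execute the command, or only print it when DRY_RUN is 1.
run() {
  if [ "${DRY_RUN:-1}" = 1 ]; then
    echo "would run: $*"
  else
    "$@"
  fi
}

# delete-policy is rejected while non-default versions exist, so delete those
# first; the default version is removed together with the policy itself.
delete_policy_with_versions() {
  arn=$1
  for v in $(aws iam list-policy-versions --policy-arn "$arn" \
      --query 'Versions[?IsDefaultVersion==`false`].VersionId' --output text); do
    run aws iam delete-policy-version --policy-arn "$arn" --version-id "$v"
  done
  run aws iam delete-policy --policy-arn "$arn"
}

# Remove every unattached customer-managed policy in the account.
remove_unattached_policies() {
  list_unattached_policies | while read -r arn; do
    delete_policy_with_versions "$arn" </dev/null
  done
}
```

Source the file and call remove_unattached_policies to review the planned deletions, then repeat with DRY_RUN=0 to apply them.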