Medium

Ensure IAM User has no inline policy

Security & Compliance
APRA
AWS Well-Architected Framework
CISAWSF
SOC2
MAS
NIST4
HIPAA
NIST 800-53
CCPA
CSA CCM
AWS Foundational Security Best Practices Controls
FedRAMP
Description

Using managed policies to define access permissions for your IAM users provides various benefits, including the ability to reuse policies, version and rollback policies, automatic updates, larger policy sizes, and granular control over policy assignments. To improve the management and control of access permissions to your AWS account, it is recommended to ensure that all IAM users are using managed policies, both AWS-managed and customer-managed, instead of inline policies (embedded policies). This can help you to more efficiently manage and control access permissions for your users while taking advantage of the benefits offered by managed policies.

Remediation

To ensure that IAM users are not using inline policies and instead are using managed policies, you can take the following remediation steps:

  1. Identify all IAM users in your AWS account that are using inline policies.
  2. Create new managed policies or select existing ones that meet your requirements.
  3. Attach the managed policies to the appropriate IAM users or groups.
  4. Remove any inline policies that are no longer needed.
  5. Monitor the IAM users to ensure they are using the appropriate policies and access permissions.

By following these remediation steps, you can ensure that IAM users are using managed policies instead of inline policies, which can provide better control and management over access permissions to your AWS resources.

Enforced Resources
IAM User
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.