Risk Level: Low
Cloud Entity: IAM Group
CloudGuard Rule ID: D9.AWS.IAM.87
Category: Security, Identity, & Compliance
IamGroup should not have managedPolicies with [ name like 'AdministratorAccess' ]
- Go to 'IAM'
- In the menu, under 'Access management', choose 'User groups'
- For each incompliant group:
- Click on the incompliant group name
- Under 'Permissions', select the policy 'AdministratorAccess'
- Click 'Remove'
From Command Line
To remove the specified managed policy from a specified IAM group, run:
aws iam detach-group-policy --group-name GROUP-NAME --policy-arn POLICY-ARN
An IAM group is a collection of IAM users. Groups let you specify permissions for multiple users, which can make it easier to manage the permissions for those users.
- AWS CloudGuard Best Practices
- AWS CloudGuard SOC2 based on AICPA TSC 2017
- AWS HITRUST v11.0.0
- AWS MITRE ATT&CK Framework v11.3
- AWS NIST 800-53 Rev 5
- AWS PCI-DSS 4.0
Updated 6 months ago