IAM User Should Not Have Any Inline or Attached Policies Rule

This rule states that IAM users should not be assigned any inline or attached policies.

Rule: IAM user should not have any inline or attached policies
Framework: FedRAMP Low Revision 4
Severity: Low

Rule Description:

The rule states that IAM users should not have any inline or attached policies for FedRAMP Low Revision 4. This is to ensure compliance with the security requirements specified by FedRAMP (Federal Risk and Authorization Management Program) for Low impact level systems.

Troubleshooting Steps:

  1. Identify IAM users with attached policies:

    • Review the IAM user list to identify users with attached policies.
    • Look specifically for users with policies related to FedRAMP Low Revision 4.

  2. Review policies for FedRAMP Low Revision 4:

    • Check the attached policies to determine if any of them are related to FedRAMP Low Revision 4.
    • Verify if the policies are inline policies or attached policies.

  3. Remove or detach policies:

    • If any IAM user has an inline policy for FedRAMP Low Revision 4, remove the policy directly from the user's IAM settings.
    • If any IAM user has an attached policy for FedRAMP Low Revision 4, detach the policy from the user's IAM settings.

Necessary Codes (if applicable):

There are no specific codes required for this rule.

Step-by-Step Guide for Remediation:

To remediate and ensure that IAM users do not have any inline or attached policies for FedRAMP Low Revision 4, follow these steps:

  1. Sign in to the AWS Management Console with your administrator-level credentials.

  2. Open the IAM service from the services menu.

  3. Click on "Users" in the left navigation pane to view the list of IAM users.

  4. Review the list of IAM users and identify those with attached policies.

  5. Click on the user's name to access their IAM settings.

  6. Scroll down to the "Permissions" section.

  7. In the "Permissions" section, locate the inline policies settings.

  8. If there are any inline policies related to FedRAMP Low Revision 4, remove them by clicking "Delete" next to each policy.

  9. Scroll up to the "Managed policies" section.

  10. Review the list of attached policies and identify the policy related to FedRAMP Low Revision 4.

  11. Click on the policy name to view its details.

  12. In the policy details page, click "Detach policy" to remove the policy from the user's IAM settings.

  13. Confirm the detachment by clicking "Detach" in the confirmation dialog box.

  14. Repeat steps 5 to 13 for each IAM user with relevant policies.

By following these steps, you can ensure that IAM users do not have any inline or attached policies for FedRAMP Low Revision 4, enforcing compliance with the security requirements.
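
The per-user console review above can also be done for all users at once. The Python below is an added example, not code from this page or its vendor: it reads JSON in the shape returned by `aws iam get-account-authorization-details --filter User`, flags every user that has any inline or attached policy (the rule as stated), and builds the matching `aws iam delete-user-policy` and `aws iam detach-user-policy` commands for review. The sample data and the function names are constructed for illustration.

```python
import json
import shlex

# Constructed sample, trimmed to the fields used here, in the shape of
# `aws iam get-account-authorization-details --filter User` output.
SAMPLE = json.loads("""
{"UserDetailList": [
  {"UserName": "alice", "UserPolicyList": [], "AttachedManagedPolicies": []},
  {"UserName": "bob",
   "UserPolicyList": [{"PolicyName": "bob-s3-inline"}],
   "AttachedManagedPolicies": [{"PolicyName": "ReadOnlyAccess",
      "PolicyArn": "arn:aws:iam::aws:policy/ReadOnlyAccess"}]},
  {"UserName": "carol"}
]}
""")


def find_violations(details):
    """Hypothetical helper: map each non-compliant user to the inline policy
    names and attached policy ARNs found directly on that user."""
    findings = {}
    for user in details.get("UserDetailList", []):
        # Either key may be missing when the user has no policy of that kind.
        inline = [p["PolicyName"] for p in user.get("UserPolicyList", [])]
        attached = [p["PolicyArn"] for p in user.get("AttachedManagedPolicies", [])]
        if inline or attached:
            findings[user["UserName"]] = {"inline": inline, "attached": attached}
    return findings


def remediation_commands(findings):
    """Hypothetical helper: build (not run) the AWS CLI commands that delete
    inline policies and detach managed policies from each flagged user."""
    cmds = []
    for name, found in sorted(findings.items()):
        user = shlex.quote(name)  # quote values before they reach a shell
        for policy in found["inline"]:
            cmds.append("aws iam delete-user-policy --user-name "
                        f"{user} --policy-name {shlex.quote(policy)}")
        for arn in found["attached"]:
            cmds.append("aws iam detach-user-policy --user-name "
                        f"{user} --policy-arn {shlex.quote(arn)}")
    return cmds


if __name__ == "__main__":
    for cmd in remediation_commands(find_violations(SAMPLE)):
        print(cmd)
```

To check a real account, load the saved CLI output with `json.load` in place of `SAMPLE` and review the printed commands before running any of them.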
