💼 1.16 Ensure IAM policies are attached only to groups or roles

Contextual name: 💼 1.16 Ensure IAM policies are attached only to groups or roles
ID: /frameworks/cis-aws-v1.2.0/01/16
Located in: 💼 1 Identity and Access Management

Description

By default, IAM users, groups, and roles have no access to AWS resources. IAM policies are the means by which privileges are granted to users, groups, or roles. It is recommended that IAM policies be applied directly to groups and roles but not users.

Similar

Sections
- /frameworks/cis-aws-v1.3.0/01/15
Internal
- ID: dec-c-349d9315

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS AWS v1.3.0 → 💼 1.15 Ensure IAM Users Receive Permissions Only Through Groups		1	1

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS AWS v1.3.0 → 💼 1.15 Ensure IAM Users Receive Permissions Only Through Groups		1	1

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 AWS IAM User has inline or directly attached policies 🟢	1	🟠 x1, 🟢 x5

Internal Rules

Rule	Policies	Flags
✉️ dec-x-4157c58a	1

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​

Internal Rules​