💼 1.16 Ensure IAM policies are attached only to groups or roles

ID: /frameworks/cis-aws-v1.2.0/01/16

Description

By default, IAM users, groups, and roles have no access to AWS resources. IAM policies are the means by which privileges are granted to users, groups, or roles. It is recommended that IAM policies be applied directly to groups and roles but not users.

Similar

Sections
- /frameworks/cis-aws-v1.3.0/01/15
Internal
- ID: dec-c-349d9315

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS AWS v1.3.0 → 💼 1.15 Ensure IAM Users Receive Permissions Only Through Groups		1	1		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS AWS v1.3.0 → 💼 1.15 Ensure IAM Users Receive Permissions Only Through Groups		1	1		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS IAM User has inline or directly attached policies🟢	1	🟠 x1, 🟢 x5	no data

Internal Rules

Rule	Policies	Flags
✉️ dec-x-4157c58a	1

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​

Internal Rules​