Skip to main content

πŸ’Ό 1.15 Ensure IAM Users Receive Permissions Only Through Groups

  • Contextual name: πŸ’Ό 1.15 Ensure IAM Users Receive Permissions Only Through Groups
  • ID: /frameworks/cis-aws-v1.4.0/01/15
  • Located in: πŸ’Ό 1 Identity and Access Management

Description​

IAM users are granted access to services, functions, and data through IAM policies. There are three ways to define policies for a user: 1) Edit the user policy directly, aka an inline, or user, policy; 2) attach a policy directly to a user; 3) add the user to an IAM group that has an attached policy.

Only the third implementation is recommended.

Similar​

  • Sections
    • /frameworks/cis-aws-v1.5.0/01/15
    • /frameworks/cis-aws-v1.3.0/01/15
  • Internal
    • ID: dec-c-398b4ef9

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό CIS AWS v1.3.0 β†’ πŸ’Ό 1.15 Ensure IAM Users Receive Permissions Only Through Groups11
πŸ’Ό CIS AWS v1.5.0 β†’ πŸ’Ό 1.15 Ensure IAM Users Receive Permissions Only Through Groups - Level 1 (Automated)11

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό CIS AWS v1.3.0 β†’ πŸ’Ό 1.15 Ensure IAM Users Receive Permissions Only Through Groups11
πŸ’Ό CIS AWS v1.5.0 β†’ πŸ’Ό 1.15 Ensure IAM Users Receive Permissions Only Through Groups - Level 1 (Automated)11

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (1)​

PolicyLogic CountFlags
πŸ“ AWS IAM User has inline or directly attached policies 🟒1🟠 x1, 🟒 x5

Internal Rules​

RulePoliciesFlags
βœ‰οΈ dec-x-4157c58a1