AWS_IAM_26

Ensure there are no unused IAM groups

Description

IAM groups within your AWS account should be in use, meaning each group should have at least one user attached. Remove any orphaned (unused) IAM groups so that unauthorized users cannot be attached to them.

Remediation

1. Sign in to the AWS Management Console.

2. Go to the IAM dashboard.

3. In the left navigation panel, choose Groups.

4. Select the unused IAM group name that you want to remove by clicking the checkbox next to the group name.

5. Click on the Group Actions dropdown button from the IAM dashboard top menu and select the Delete Group action from the list.

6. Inside the Delete Group dialog box, click the Yes, Delete button to confirm your action.
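
The console steps above remove a group once you know it is unused. The following added example (not part of the original check and not the vendor's code) shows one way to find such groups through the IAM API and to list the policies still bound to them. `find_unused_groups`, `FakeIAM` and the sample account data are constructed for illustration; the paginator names are the standard boto3 IAM ones.

```python
from types import SimpleNamespace


def _pages(iam, op, key, **kw):
    """Collect `key` from every page of a paginated IAM call."""
    return [x for page in iam.get_paginator(op).paginate(**kw) for x in page[key]]


def find_unused_groups(iam):
    """Return a report entry for each IAM group with no users attached."""
    report = []
    for group in _pages(iam, "list_groups", "Groups"):
        name = group["GroupName"]
        if _pages(iam, "get_group", "Users", GroupName=name):
            continue  # at least one user: group is in use
        # Policies still bound to the empty group. Review them before deleting:
        # the DeleteGroup API requires a group with no users and no policies.
        managed = _pages(iam, "list_attached_group_policies", "AttachedPolicies", GroupName=name)
        report.append({
            "group": name,
            "managed_policies": [p["PolicyArn"] for p in managed],
            "inline_policies": _pages(iam, "list_group_policies", "PolicyNames", GroupName=name),
        })
    return report


# Constructed sample account (not real data): one group in use, one orphaned.
SAMPLE = {
    ("list_groups", None): [{"Groups": [{"GroupName": "developers"}]},
                            {"Groups": [{"GroupName": "old-contractors"}]}],
    ("get_group", "developers"): [{"Users": [{"UserName": "alice"}]}],
    ("get_group", "old-contractors"): [{"Users": []}],
    ("list_attached_group_policies", "old-contractors"): [{"AttachedPolicies": [
        {"PolicyName": "ReadOnlyAccess", "PolicyArn": "arn:aws:iam::aws:policy/ReadOnlyAccess"}]}],
    ("list_group_policies", "old-contractors"): [{"PolicyNames": ["legacy-s3-access"]}],
}


class FakeIAM:
    """Offline stand-in for boto3.client("iam"), backed by SAMPLE."""
    def get_paginator(self, op):
        return SimpleNamespace(paginate=lambda GroupName=None: SAMPLE[(op, GroupName)])


if __name__ == "__main__":
    # Replace FakeIAM() with boto3.client("iam") to audit a real account;
    # every call made here is read-only.
    for entry in find_unused_groups(FakeIAM()):
        print(entry)
```

An empty group that still carries policies is the case to watch: any user later added to it inherits those permissions at once.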

Service

IAM

Severity

Low

Compliance

Mapping
