AWS IAM Group Has Users
Risk | Remediation Effort |
Low | Low |
This policy validates that every IAM Group has at least one IAM user in it. Unused groups increase management complexity and attack surface, and should be deleted.
Remediation
To remediate this, delete any IAM groups that do not have any users in them. Alternatively, add appropriate users to the groups.
Reference
Last modified 2yr ago