AWS Config Rule: IAM GROUP HAS USERS CHECK

IAM_GROUP_HAS_USERS_CHECK

Fernando Honig

Last Update há um ano

Description: Checks whether IAM groups have at least one IAM user.


Trigger type: Configuration changes


AWS Region: All supported AWS regions


How to Resolve Manually

This particular AWS Config Rule checks if you have an IAM Group without any IAM Users inside.


To resolve this manually, sign up to your AWS Management Console and go to IAM (Identity and Access Management).


In your left menu, select User groups and find the NON_COMPLIANT group and Delete the group.


How to Resolve with StackZone

This remediation can be enabled through the StackZone Config Rules Global


Go to Baseline Services -> Config Rules Global -> IAM -> Remediation and enable IAM Group Has No Users Remediation


This remediation will delete all unused groups in all AWS Accounts that are managed by StackZone


Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here

Was this article helpful?

1 out of 1 liked this article

Still need help? Message Us