AWS Config Rule: IAM NO INLINE POLICY CHECK

IAM_NO_INLINE_POLICY_CHECK

Fernando Honig

Last Update 2 years ago

Description: Checks that the inline policy feature is not in use. The rule is NON_COMPLIANT if an AWS Identity and Access Management (IAM) user, IAM role or IAM group has any inline policy.


Trigger type: Configuration changes


AWS Region: All supported AWS regions except Asia Pacific (Osaka) Region


How to Resolve Manually

To resolve this manually, go to your AWS Management Console and select IAM.


Search for the User, Role or Group that this AWS Config Rule marks as NON_COMPLIANT and take note of the permissions in its inline policy.


Create a Managed Policy by going to Policies -> Create Policy. Select the service(s), Actions, Resources and Request conditions to match the inline policy previously copied.


When done, go back to your User, Role or Group and attach it. After this, remove the inline policy.
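The manual steps above, as an added boto3 example that is not StackZone's code and not part of the original article: it lists the inline policies on one principal, creates a managed copy of each, attaches it, and only then deletes the inline policy so the principal never loses permissions in between. It assumes boto3 with IAM write credentials; the "-migrated" name suffix is this example's own convention.

```python
import json
import re

# IAM exposes parallel inline-policy APIs for users, roles and groups; only the
# method names and the parameter that names the principal differ.
_API = {
    "user":  dict(list="list_user_policies",  get="get_user_policy",  attach="attach_user_policy",  delete="delete_user_policy",  key="UserName"),
    "role":  dict(list="list_role_policies",  get="get_role_policy",  attach="attach_role_policy",  delete="delete_role_policy",  key="RoleName"),
    "group": dict(list="list_group_policies", get="get_group_policy", attach="attach_group_policy", delete="delete_group_policy", key="GroupName"),
}
ARN_OF_CREATED_POLICY = "<filled in after create_policy>"  # placeholder resolved at run time

def managed_policy_name(principal_name, inline_name):
    """Managed policy names must match [\\w+=,.@-]+ and be at most 128 characters."""
    raw = f"{principal_name}-{inline_name}-migrated"  # "-migrated" suffix is this example's convention
    return re.sub(r"[^\w+=,.@-]", "-", raw)[:128]

def plan_migration(principal_type, principal_name, inline_policies):
    """Ordered API calls per inline policy: create the managed copy, attach it, and only
    then delete the inline policy, so there is no window without the permissions."""
    api = _API[principal_type]  # KeyError for anything other than user/role/group
    steps = []
    for inline_name, document in inline_policies.items():
        name = managed_policy_name(principal_name, inline_name)
        steps.append(("create_policy", {"PolicyName": name, "PolicyDocument": json.dumps(document)}))
        steps.append((api["attach"], {api["key"]: principal_name, "PolicyArn": ARN_OF_CREATED_POLICY}))
        steps.append((api["delete"], {api["key"]: principal_name, "PolicyName": inline_name}))
    return steps

def list_inline_policies(iam, principal_type, principal_name):
    """Return {inline policy name: policy document} for one principal (what the Config rule flags)."""
    api = _API[principal_type]
    pages = iam.get_paginator(api["list"]).paginate(**{api["key"]: principal_name})
    names = [n for page in pages for n in page["PolicyNames"]]
    # boto3 already URL-decodes and parses PolicyDocument into a dict.
    return {n: getattr(iam, api["get"])(**{api["key"]: principal_name, "PolicyName": n})["PolicyDocument"]
            for n in names}

def migrate(principal_type, principal_name):
    """Execute the plan against the live account; needs boto3 credentials with IAM write access."""
    import boto3  # imported here so the planning functions above stay usable offline
    iam = boto3.client("iam")
    inline = list_inline_policies(iam, principal_type, principal_name)
    arn = None
    for method, params in plan_migration(principal_type, principal_name, inline):
        if method == "create_policy":
            arn = iam.create_policy(**params)["Policy"]["Arn"]
        else:
            if params.get("PolicyArn") == ARN_OF_CREATED_POLICY:
                params["PolicyArn"] = arn
            getattr(iam, method)(**params)
    return len(inline)  # number of inline policies replaced
```

The attach step fails if the principal already has the default quota of 10 attached managed policies, so consolidate or request a quota increase before running it against principals with many inline policies.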


How to Resolve with StackZone

You can resolve with StackZone by enabling the No Inline Policy Remediation.


Go to Baseline Services -> Config Rules Global -> IAM -> Remediation and enable No Inline Policy Remediation


Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here
