AWS IAM policy with administrative privileges is not attached to any principal

iam
이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

A privileged IAM policy exists but is not attached to any principal.

Rationale

If an IAM policy is not in use it may indicate that it is no longer needed. Highly privileged policies may accidentally be attached to principals, providing them full access to all services and resources in the AWS account. Unused policies should be removed to mitigate this risk.

Remediation

Determine if the policy is needed for a particular function and if not, remove it.