IAM groups should have assigned permissions

Description

IAM groups without permissions can lead to potential security risks and misconfigurations. Groups without assigned policies should be investigated and removed if not needed.

Remediation

From the console

See the Remove IAM Groups documentation for detailed steps on how to delete IAM groups.

Refer to the Managing IAM Policies documentation for detailed steps and best practices on policy management.