IAM users should have assigned permissions

Description

IAM Users without permissions can lead to potential security risks and misconfigurations. Users without assigned policies should be investigated and removed if not needed.

Remediation

See the Managing IAM Policies and Assigning Permissions to IAM Users documentation for steps on how to assign appropriate permissions to IAM users. If a user is no longer required, refer to the Removing IAM Users documentation to safely delete the user.