---
title: IAM groups should have assigned permissions
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > IAM groups should have assigned
  permissions
---

# IAM groups should have assigned permissions
 
## Description{% #description %}

IAM groups without permissions can lead to potential security risks and misconfigurations. Groups without assigned policies should be investigated and removed if not needed.

## Remediation{% #remediation %}

### From the console{% #from-the-console %}

See the [Remove IAM Groups documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups_manage_remove.html) for detailed steps on how to delete IAM groups.

Refer to the [Managing IAM Policies documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_manage-attach-detach.html) for detailed steps and best practices on policy management.