Empty IAM groups are not removed

Description

AWS IAM groups are collections of IAM users. Groups let you specify permissions for multiple users, which can make it easier to manage the permissions across users. Any user in a group automatically has the permissions that are assigned to the group. If a new user joins your organization and needs administrator privileges, you can assign the appropriate permissions by adding the user to the relevant group.

We recommend that you track which groups are in use and which are not, and remove the empty ones, so that accidental changes do not lead to unauthorized access in the future.

Fix - Runtime

CLI Command

To remove an IAM group, use the following command:

aws iam delete-group --group-name <value>
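
The script below is an added example, not part of the original page: it finds groups with no members and removes them, first detaching managed policies and deleting inline policies, because `delete-group` fails while the group still has either. The function names and the `DRY_RUN` variable are assumptions made for this example.

```shell
#!/usr/bin/env bash
# Added example: find IAM groups with no members and delete them.
# DRY_RUN=1 (the default) only reports; set DRY_RUN=0 to delete.

# Print the name of every group that has zero users.
list_empty_groups() {
  local g count
  for g in $(aws iam list-groups --query 'Groups[].GroupName' --output text); do
    # JSON output applies the query after all result pages are merged.
    count=$(aws iam get-group --group-name "$g" \
              --query 'length(Users)' --output json)
    [ "$count" = "0" ] && echo "$g"
  done
  return 0
}

# Detach managed policies, delete inline policies, then delete the group.
remove_group() {
  local g arn name
  g=$1
  for arn in $(aws iam list-attached-group-policies --group-name "$g" \
                 --query 'AttachedPolicies[].PolicyArn' --output text); do
    aws iam detach-group-policy --group-name "$g" --policy-arn "$arn"
  done
  for name in $(aws iam list-group-policies --group-name "$g" \
                  --query 'PolicyNames[]' --output text); do
    aws iam delete-group-policy --group-name "$g" --policy-name "$name"
  done
  aws iam delete-group --group-name "$g"
}

# Report (or, with DRY_RUN=0, delete) every empty group in the account.
remove_empty_groups() {
  local g
  for g in $(list_empty_groups); do
    if [ "${DRY_RUN:-1}" = "1" ]; then
      echo "would delete: $g"
    else
      remove_group "$g" && echo "deleted: $g"
    fi
  done
}
```

Source the file and call `remove_empty_groups` to review the list, then repeat with `DRY_RUN=0` once the output has been checked.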