Unattached policies are not removed

Description

AWS IAM policies control access permissions for each IAM user, role and group created in your AWS account. An unattached policy is defined as a policy that does not have any principals attached to it.

We recommend tracking which policies are in use and which are not, to prevent accidental changes that may lead to unauthorized access in the future.

Fix - Runtime

CLI Command

To remove a policy, use the following command:

aws iam delete-policy --policy-arn <value>
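
The following script is an added example, not part of the original page: it lists customer managed policies that have no principals attached, then deletes each one after removing its non-default versions, which delete-policy requires. The script name and the --list and --delete switches are assumptions of this example.

```shell
#!/bin/sh
# Added example: review, then delete, unattached customer managed IAM policies.
# Usage: ./cleanup.sh --list     (print candidate ARNs only)
#        ./cleanup.sh --delete   (delete every candidate)
# The script name and the --list/--delete switches are hypothetical.
set -eu

# Customer managed policies (--scope Local) with no principal attached and
# not in use as a permissions boundary, one ARN per line.
list_unattached_policies() {
  aws iam list-policies --scope Local \
    --query 'Policies[?AttachmentCount==`0` && PermissionsBoundaryUsageCount==`0`].Arn' \
    --output text | tr '\t' '\n' | sed '/^$/d; /^None$/d'
}

# delete-policy refuses a policy that still has non-default versions, so
# remove those first; the default version goes away with the policy itself.
delete_policy() {
  arn=$1
  for version in $(aws iam list-policy-versions --policy-arn "$arn" \
      --query 'Versions[?IsDefaultVersion==`false`].VersionId' --output text); do
    aws iam delete-policy-version --policy-arn "$arn" --version-id "$version"
  done
  aws iam delete-policy --policy-arn "$arn"
}

case "${1:-}" in
  --list)
    list_unattached_policies ;;
  --delete)
    for arn in $(list_unattached_policies); do
      echo "deleting $arn"
      delete_policy "$arn"
    done ;;
esac
```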