Ensure unattached policies are removed
Error: Unattached policies are not removed
Bridgecrew Policy ID: BC_AWS_IAM_39
Severity: LOW
Description
AWS IAM policies control access permissions for each IAM user, role and group created in your AWS account. An unattached policy is defined as a policy that does not have any principals attached to it.
We recommend tracking which policies are in use and which are not, to prevent accidental changes that could later lead to unauthorized access.
Fix - Runtime
CLI Command
To remove a policy, use the following command:
aws iam delete-policy --policy-arn <value>
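The command above needs the ARN of each unattached policy, and AWS rejects it while the policy still has non-default versions. The following script is an added example, not Bridgecrew's code: it lists customer managed policies with no attachments and no permissions-boundary use, deletes their non-default versions, then deletes the policy. The function names, the DRY_RUN variable and the --run switch are assumptions made for the example.

```sh
#!/bin/sh
# Added example: remove unattached customer managed IAM policies.
# DRY_RUN (assumed name) defaults to 1: commands are printed, not executed.
DRY_RUN=${DRY_RUN:-1}

# Print the command in dry-run mode, execute it otherwise.
run() {
  if [ "$DRY_RUN" = 1 ]; then echo "would run: $*"; else "$@"; fi
}

# ARNs of customer managed policies (--scope Local) that have no principal
# attached and are not used as a permissions boundary, one per line.
list_unattached() {
  aws iam list-policies --scope Local \
    --query 'Policies[?AttachmentCount==`0` && PermissionsBoundaryUsageCount==`0`].Arn' \
    --output text | tr '\t' '\n' | grep '^arn:' || true
}

# delete-policy is rejected while non-default versions exist, so they go first.
delete_policy() {
  arn=$1
  for v in $(aws iam list-policy-versions --policy-arn "$arn" \
      --query 'Versions[?IsDefaultVersion==`false`].VersionId' --output text); do
    case $v in
      # Only act on real version ids (v1, v2, ...), never on filler text.
      v[0-9]*) run aws iam delete-policy-version --policy-arn "$arn" --version-id "$v" ;;
    esac
  done
  run aws iam delete-policy --policy-arn "$arn"
}

# Walk every unattached policy and remove it (or print what would be removed).
cleanup_unattached() {
  for arn in $(list_unattached); do
    delete_policy "$arn"
  done
}

# Runs only when asked: ./cleanup.sh --run  (set DRY_RUN=0 to really delete).
if [ "${1:-}" = "--run" ]; then cleanup_unattached; fi
```

Review the dry-run output before setting DRY_RUN=0, since a deleted customer managed policy cannot be restored.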