Unattached policies are not removed
Description
AWS IAM policies control access permissions for each IAM user, role and group created in your AWS account. An unattached policy is defined as a policy that does not have any principals attached to it.
We recommend tracking which policies are in use and which are not, to prevent accidental changes that could later lead to unauthorized access.
Fix - Runtime
CLI Command
To remove a policy, use the following command:
aws iam delete-policy --policy-arn <value>
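The following script is an added example, not part of the original page. It finds customer managed policies that have no attachments and are not used as a permissions boundary, deletes their non-default versions (IAM requires this before `delete-policy` succeeds), then deletes the policy. The function names and the `APPLY` variable are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: remove unattached customer managed IAM policies.
# Usage: source this file, then run `remove_unattached_policies`.
# It only prints the commands unless APPLY=1 is set (APPLY is this script's own switch).

# Execute the command when APPLY=1, otherwise print it as a dry run.
run() {
  if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "DRY-RUN: $*"; fi
}

# Print ARNs of customer managed policies (--scope Local) that are attached to no
# principal AND are not in use as a permissions boundary. AttachmentCount does not
# include boundary usage, so both counters are checked.
list_unattached_policies() {
  aws iam list-policies --scope Local \
    --query 'Policies[].[Arn,AttachmentCount,PermissionsBoundaryUsageCount]' \
    --output text | awk '$2 == 0 && $3 == 0 { print $1 }'
}

# Delete one policy ($1 = policy ARN). Non-default versions go first;
# delete-policy then removes the default version together with the policy.
delete_policy() {
  for version_id in $(aws iam list-policy-versions --policy-arn "$1" \
      --query 'Versions[].[VersionId,IsDefaultVersion]' --output text |
      awk 'tolower($2) == "false" { print $1 }'); do
    run aws iam delete-policy-version --policy-arn "$1" --version-id "$version_id"
  done
  run aws iam delete-policy --policy-arn "$1"
}

# Walk every unattached policy. stdin is redirected so that no command inside
# the loop can consume the list of ARNs being read.
remove_unattached_policies() {
  list_unattached_policies | while read -r policy_arn; do
    delete_policy "$policy_arn" </dev/null
  done
}
```

Review the dry-run output before setting `APPLY=1`: a policy with zero attachments may still be referenced by deployment templates that will try to attach it later.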