Query: Ensure IAM policies are attached only to groups or roles

Description

By default, IAM users, groups, and roles have no access to AWS resources. IAM policies are the means by which privileges are granted to users, groups, or roles. It is recommended that IAM policies be applied directly to groups and roles but not users.

Query

Tables used in this query:

• aws_iam_user

Controls using this query:

• 1.16 Ensure IAM policies are attached only to groups or roles
• Ensure IAM policies are attached only to groups or roles

SQL