turbot/aws_compliance

Trigger: Detect & correct IAM users with IAM policy attached

Detects IAM users with a specific policy attached and detaches that policy.

Query

select
  concat(
    name,
    ' - ',
    jsonb_array_elements_text(attached_policy_arns),
    ' [',
    account_id,
    ']'
  ) as title,
  jsonb_array_elements_text(attached_policy_arns) as policy_arn,
  name as user_name,
  account_id,
  sp_connection_name as conn
from
  aws_iam_user
where
  attached_policy_arns is not null;

Schedule

15m

Tags

category = Compliance
mod = aws
service = AWS/IAM