Control: AWS > NIST 800-53 > IAM > IAM groups, users, and roles should not have any inline policies

Ensure an AWS Identity and Access Management (IAM) user, IAM role or IAM group does not have an inline policy to control access to systems and assets.

Resource Types

This control targets the following resource types:

AWS > IAM > Group
AWS > IAM > Role
AWS > IAM > User

In Your Workspace

Controls by Resource report
Controls by Control Type report

Developers

Control Type URI

tmod:@turbot/aws-nist-800-53#/control/types/iamGroupUserRoleNoInlinePolicies

Category URI

tmod:@turbot/turbot#/control/categories/complianceNist80053

GraphQL

query controlType(id: "tmod:@turbot/aws-nist-800-53#/control/types/iamGroupUserRoleNoInlinePolicies") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-nist-800-53#/control/types/iamGroupUserRoleNoInlinePolicies'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-nist-800-53#/control/types/iamGroupUserRoleNoInlinePolicies"