iam-policies-attach-to-groups-not-users

Status: IN

AWS best practice is to attach IAM policies to groups or roles, not directly to individual IAM users.

Source: entries/2026/03/11/IAM-latest-UserGuide-security-audit-guidehtml.md

JSON