Ensure IAM Users Receive Permissions Only Through Groups

Rating 🐑 - Low

Description

Controlling access for users should be done through groups.

Vulnerability

Attaching policies directly to user accounts will obfuscate the access a user will have, and can result in permission creep.

Remediation

Create IAM groups for each job function, and add the users to the groups.

References