Ensure an IAM policy that allows admin privileges for all services used is created – Policy Exist

Details

A policy is a document that formally states one or more permissions.

Managed policies are standalone policies that you can attach to multiple users, groups, and roles in your AWS account. Managed policies apply only to identities (users, groups, and roles) – not resources. You must ensure that you have an IAM managed policy created with admin permissions for all the AWS services used by the application.

An IAM admin policy with permissions for all the AWS services used by the application must exist for administration purposes.

Solution

Using the Amazon unified command line interface:

* Create an IAM managed admin policy for all AWS services used:

aws iam create-policy --policy-name <admin_policy_name> --policy-document file://policy
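
One way to check a policy document before passing it to the command above, as an added example that is not part of the original benchmark text: it reports which services used by the application are not granted full admin permissions. The service list, the sample policy and the function names are constructed assumptions, and Deny statements and NotAction are not evaluated.

```python
import json

# Constructed sample: service prefixes a three-tier web app might use (assumption).
SERVICES_USED = ["ec2", "elasticloadbalancing", "autoscaling", "rds", "s3"]

# Constructed sample policy document, as it would be saved to the file given to
# --policy-document. It omits "autoscaling" and scopes "s3" to a single bucket.
SAMPLE_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": ["ec2:*", "ElasticLoadBalancing:*"], "Resource": "*"},
    {"Effect": "Allow", "Action": "rds:*", "Resource": "*"},
    {"Effect": "Allow", "Action": "s3:*", "Resource": "arn:aws:s3:::example-bucket/*"}
  ]
}
""")

def _as_list(value):
    """IAM accepts a single string/object wherever a list is allowed."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def admin_services(policy):
    """Return service prefixes granted '<service>:*' on Resource '*' ('*' = all services)."""
    granted = set()
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow" or "*" not in _as_list(stmt.get("Resource")):
            continue  # Deny, or Allow limited to specific resources: not admin
        for action in _as_list(stmt.get("Action")):
            if action == "*":
                granted.add("*")
            elif action.endswith(":*"):
                granted.add(action[:-2].lower())  # service prefixes are case-insensitive
    return granted

def missing_admin_coverage(policy, services_used):
    """Services used by the application that the policy does not fully administer."""
    granted = admin_services(policy)
    if "*" in granted:
        return []
    return sorted(s for s in services_used if s.lower() not in granted)

if __name__ == "__main__":
    print("Missing admin coverage:", missing_admin_coverage(SAMPLE_POLICY, SERVICES_USED))
```

An empty result means every listed service has a `<service>:*` grant on all resources in the document.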

Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: Access Control. This control applies to the following type of system: amazon_aws.

Updated on July 16, 2022