Menu
AWS Identity and Access Management
User Guide

Deleting IAM Policies

You can delete IAM policies using the AWS Management Console, the AWS Command Line Interface (AWS CLI), or the IAM API.

For more information about the difference between managed and inline policies, see Managed Policies and Inline Policies.

For general information about IAM policies, see IAM Policies.

For information about policy size limitations and other quotas, see Limitations on IAM Entities and Objects.

Deleting Customer Managed Policies

You can delete a customer managed policy to remove it from your AWS account. You cannot delete AWS managed policies.

To delete a customer managed policy (console)

  1. Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.

  2. In the navigation pane, choose Policies.

  3. Select the check box next to the customer managed policy to delete. You can use the Filter menu and the search box to filter the list of policies.

  4. Choose Policy actions, and then choose Delete.

  5. Confirm that you want to delete the policy, and then choose Delete.

To delete an inline policy for a group, user, or role (console)

  1. In the navigation pane, choose Groups, Users, or Roles.

  2. Choose the name of the group, user, or role with the policy that you want to delete. Then choose the Permissions tab. If you chose Users or Roles, expand the policy.

  3. To delete an inline policy in Groups, choose Remove Policy. To delete an inline policy in Users or Roles, choose X.

Deleting IAM Policies (AWS CLI or AWS API)

You can edit a managed or inline policy using the AWS Command Line Interface (AWS CLI) or the AWS API.

To list managed policies (AWS CLI or API)

To retrieve detailed information about a managed policy (AWS CLI or API)

To list the identities (users, groups, and roles) to which a managed policy is attached (AWS CLI or API)

To list the managed policies attached to an identity (a user, group, or role) (AWS CLI or API)

To delete a customer managed policy (AWS CLI or API)