iam-role-managed-policy-check - AWS Config


Checks if all managed policies specified in the list of managed policies are attached to the AWS Identity and Access Management (IAM) role. The rule is NON_COMPLIANT if a managed policy is not attached to the IAM role.


Resource Types: AWS::IAM::Role

Trigger type: Configuration changes

AWS Region: All supported AWS regions


Type: CSV

Comma-separated list of AWS managed policy Amazon Resource Names (ARNs). For more information, see Amazon Resource Names (ARNs) and AWS managed policies in the IAM User Guide.

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.
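A CloudFormation template that deploys this rule, as an added example that is not taken from the AWS documentation page. `IAM_ROLE_MANAGED_POLICY_CHECK` and `managedPolicyArns` are the managed rule's source identifier and input parameter; the template parameter name, logical resource ID, and output name are assumptions chosen for illustration, and the template assumes a configuration recorder that records `AWS::IAM::Role` already exists in the account.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Added example - deploys the iam-role-managed-policy-check managed rule.

Parameters:
  # Hypothetical parameter name. Supply the CSV of AWS managed policy ARNs
  # that every IAM role is expected to have attached.
  RequiredManagedPolicyArns:
    Type: String
    Description: >-
      Comma-separated list of AWS managed policy ARNs, each in the form
      arn:aws:iam::aws:policy/<PolicyName>, with no spaces between entries.
    # Reject empty input, stray whitespace, and anything that is not an
    # AWS managed policy ARN, so a typo fails at deploy time instead of
    # producing a rule that checks for the wrong policy.
    AllowedPattern: "^arn:aws[a-z-]*:iam::aws:policy/[^,\\s]+(,arn:aws[a-z-]*:iam::aws:policy/[^,\\s]+)*$"
    ConstraintDescription: Must be one or more AWS managed policy ARNs separated by commas.

Resources:
  # Hypothetical logical ID.
  IamRoleManagedPolicyCheck:
    Type: AWS::Config::ConfigRule
    Properties:
      ConfigRuleName: iam-role-managed-policy-check
      Description: >-
        NON_COMPLIANT if any managed policy in managedPolicyArns is not
        attached to the IAM role.
      Scope:
        # Matches the rule's resource type; evaluation is triggered by
        # configuration changes to these resources.
        ComplianceResourceTypes:
          - AWS::IAM::Role
      Source:
        Owner: AWS
        SourceIdentifier: IAM_ROLE_MANAGED_POLICY_CHECK
      InputParameters:
        managedPolicyArns: !Ref RequiredManagedPolicyArns

Outputs:
  ConfigRuleName:
    Description: Name of the deployed AWS Config rule.
    Value: !Ref IamRoleManagedPolicyCheck
```

Because the rule is NON_COMPLIANT when any listed policy is missing, every ARN added to the parameter tightens the requirement for each role in scope.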