iam-role-managed-policy-check - AWS Config

iam-role-managed-policy-check

Checks whether all AWS managed policies specified in the list of managed policies are attached to the AWS Identity and Access Management (IAM) role. The rule is non-compliant if an AWS managed policy from the list is not attached to the IAM role.

Identifier: IAM_ROLE_MANAGED_POLICY_CHECK

Trigger type: Configuration changes

AWS Region: All supported AWS regions

Parameters:

managedPolicyArns
Type: CSV

Comma-separated list of AWS managed policy ARNs.

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.