I'm facing an issue with the AWS Config rule iam-policy-in-use. According to the
, this rule checks whether only the IAM policies that are used to access a resource are attached to the IAM users or roles.
To address the non-compliance, I tried attaching the arn:aws:iam::aws:policy/AWSSupportAccess policy to:
- An individual IAM user.
- An IAM group that has multiple users.

Despite these changes, the iam-policy-in-use rule still reports a failure.
Are there specific steps or considerations I might be missing to make the account compliant with this rule? How can I further troubleshoot or understand the reasons for the non-compliance? Any guidance or insights would be greatly appreciated.