Delete IAM policies (console) - Amazon Identity and Access Management
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Delete IAM policies (console)

You can use the Amazon Web Services Management Console to delete customer managed policies and inline policies in IAM. The number and size of IAM resources in an Amazon account are limited. For more information, see IAM and Amazon STS quotas.

Note

Deletion of IAM policies is permanent. After the policy is deleted it cannot be recovered.

For more information about IAM policy structure and syntax, see Policies and permissions in Amazon Identity and Access Management and the IAM JSON policy element reference.

For more information about the difference between managed and inline policies, see Managed policies and inline policies.

Prerequisites

Before you delete a policy, you should review its recent service-level activity. This is important because you don't want to remove access from a principal (person or application) who is using it. For more information about viewing last accessed information, see Refine permissions in Amazon using last accessed information.

Deleting IAM policies (console)

You can delete a customer managed policy to remove it from your Amazon Web Services account. You cannot delete Amazon managed policies.

To delete a customer managed policy (console)
  1. Sign in to the Amazon Web Services Management Console and open the IAM console at https://console.amazonaws.cn/iam/.

  2. In the navigation pane, choose Policies.

  3. Select the radio button next to the customer managed policy to delete. You can use the search box to filter the list of policies.

  4. Choose Actions, and then choose Delete.

  5. Follow the instructions to confirm that you want to delete the policy, and then choose Delete.

Deleting inline policies (console)

You can delete an inline policy to remove it from your Amazon Web Services account. You cannot delete Amazon managed policies.

To delete an inline policy for a user group, user, or role (console)
  1. In the navigation pane, choose User groups, Users, or Roles.

  2. Choose the name of the user group, user, or role with the policy that you want to delete. Then choose the Permissions tab.

  3. Select the check boxes next to the policies to delete and choose Remove. To delete an inline policy in Users or Roles, choose Remove to confirm the deletion. If you are deleting a single inline policy in User groups, type the name of the policy and choose Delete. If you are deleting multiple inline policies in User groups, type the number of policies you are deleting followed by inline policies and choose Delete. For example, if you are deleting three inline policies, type 3 inline policies.