# iam-user-no-policies-check
<a name="iam-user-no-policies-check"></a>

Checks if none of your Amazon Identity and Access Management (IAM) users have policies attached. IAM users must inherit permissions from IAM groups or roles. The rule is NON\$1COMPLIANT if there is at least one policy that is attached to the IAM user. 



**Identifier:** IAM\$1USER\$1NO\$1POLICIES\$1CHECK

**Resource Types:** AWS::IAM::User

**Trigger type:** Configuration changes

**Amazon Web Services Region:** All supported Amazon regions except Asia Pacific (New Zealand), Asia Pacific (Thailand), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Malaysia), Asia Pacific (Melbourne), Mexico (Central), Israel (Tel Aviv), Asia Pacific (Taipei), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region

**Parameters:**

None  

## Amazon CloudFormation template
<a name="w2aac20c16c17b7d951c19"></a>

To create Amazon Config managed rules with Amazon CloudFormation templates, see [Creating Amazon Config Managed Rules With Amazon CloudFormation Templates](aws-config-managed-rules-cloudformation-templates.md).