Our company is trying to pass security compliance, and one of the requirements is not to have inline policies attached to roles. Is it possible to replace the inline policy that is created by default and attached to the role with a customer managed one? The idea is not to have roles with inline policies at all.
Clarification
Mostly all is fixed, except the Role and Policy automatically created when we use S3 events with an existing bucket. According to the documentation (Serverless Framework - AWS Lambda Events - S3):
NOTE: Using the existing config will add an additional Lambda function and IAM Role to your stack.
The question is: how to replace the inline policy with a managed policy in the role that Serverless creates automatically when you use S3 events? Or replace the role with a manually created one, or does another option exist?
Yes, it is possible to replace an inline policy with a customer managed policy in AWS Identity and Access Management (IAM).
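A way to check the outcome before deploying, as an added example (not part of the original answer and not Serverless Framework code): this script scans a compiled CloudFormation template for roles that still carry inline policies, either embedded in the role's `Policies` property or attached through an `AWS::IAM::Policy` resource. The template, logical IDs and policy names below are constructed for illustration.

```python
import json

# Constructed sample: a trimmed CloudFormation template of the kind a deployment
# compiles into. Logical IDs and policy names are hypothetical.
SAMPLE_TEMPLATE = json.loads("""
{"Resources": {
  "AppRole": {"Type": "AWS::IAM::Role",
    "Properties": {"ManagedPolicyArns": [{"Ref": "AppManagedPolicy"}]}},
  "AppManagedPolicy": {"Type": "AWS::IAM::ManagedPolicy", "Properties": {}},
  "ExampleCustomResourceRole": {"Type": "AWS::IAM::Role",
    "Properties": {"Policies": [{"PolicyName": "example-inline", "PolicyDocument": {}}]}},
  "ExtraPolicy": {"Type": "AWS::IAM::Policy",
    "Properties": {"PolicyName": "example-extra", "Roles": [{"Ref": "AppRole"}]}}
}}
""")


def _label(value):
    # Names and role references may be intrinsic functions (dicts); make them printable.
    if isinstance(value, dict):
        return value.get("Ref") or json.dumps(value, sort_keys=True)
    return str(value)


def roles_with_inline_policies(template):
    """Map each role to the sorted names of inline policies the template gives it."""
    findings = {}
    for logical_id, res in template.get("Resources", {}).items():
        props = res.get("Properties") or {}
        if res.get("Type") == "AWS::IAM::Role":
            # Entries under a role's "Policies" property are embedded (inline) policies.
            for pol in props.get("Policies") or []:
                findings.setdefault(logical_id, set()).add(_label(pol.get("PolicyName")))
        elif res.get("Type") == "AWS::IAM::Policy":
            # AWS::IAM::Policy is also inline; only AWS::IAM::ManagedPolicy is managed.
            for role in props.get("Roles") or []:
                findings.setdefault(_label(role), set()).add(_label(props.get("PolicyName")))
    return {role: sorted(names) for role, names in findings.items()}


if __name__ == "__main__":
    for role, names in roles_with_inline_policies(SAMPLE_TEMPLATE).items():
        print(f"{role}: inline policies {names}")
```

An empty result means every role in the template relies only on `ManagedPolicyArns`, which is the state the compliance requirement in the question asks for.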