Our company is trying to pass security compliance, and one of requirements is not to have inline policies attached to roles. Is it possible to replace created by default inline policy attached to role with customer managed? Idea is not to have roles with inline policy at all.
Clarification
Mostly all is fixed, except Role and Policy automatically created when we use events S3 events with existing bucket. According documentation(Serverless Framework - AWS Lambda Events - S3):
NOTE: Using the existing config will add an additional Lambda function and IAM Role to your stack.
Question is - how to replace inline policy with managed policy in the role that serverless creates automatically when you use s3 events? Or replace the role with manually created, or other option exist?
Yes, it is possible to replace an inline policy with a customer managed policy in AWS Identity and Access Management (IAM).
To replace the default inline policy with a customer managed policy. Regularly review and audit your policies to ensure they align with your security objectives. Implement a well defined policy lifecycle management process with proper documentation and version control. Leverage policy inheritance or organization wide policies to reduce the need for role specific policies and ensure consistency.
Yes, it is possible to replace an inline policy with a customer managed policy in various access management systems, such as AWS (Amazon Web Services) IAM (Identity and Access Management). The exact process and capabilities may differ depending on the specific system you are using.
We also facing a security compliance issue while working with the Serverless framework. Our company needs to pass security compliance, and one of the requirements is to avoid having a inline policies attached to roles. By default, the Serverless framework creates roles with inline policies, which is not in line with our compliance goals. We want to replace these default inline policies with customer-managed policies to ensure better control and adherence to security standards.