Tear down

Please note that the changes you made to the users, groups, and roles have no charges associated with them.

  1. Using the original IAM user, for each of the roles you created select them in the IAM console at https://console.aws.amazon.com/iam/ and click Delete role. The roles created are: app1-user-region-restricted-services developer-restricted-iam
  2. For each of the policies you created, one at a time select the radio button then Policy actions drop down menu then Delete. The policies created are: restrict-region-boundary createrole-restrict-region-boundary iam-restricted-list-read

References & useful resources

Permissions Boundaries for IAM Entities AWS Identity and Access Management User Guide IAM Best Practices and Use Cases Become an IAM Policy Master in 60 Minutes or Less Actions, Resources, and Condition Keys for Identity And Access Management