Plugin Title No Custom Owner Roles
Cloud AZURE
Category Active Directory
Description Ensures that no custom owner roles exist.
More Info Subscription owners should not include permissions to create custom owner roles. This follows the principle of least privilege.
AWS Link https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles
Recommended Action Remove roles that allow permissions to create custom owner roles.


Detailed Remediation Steps

Want to scan for this risk automatically?

Get Started Now