Query: IAM roles should not have read only access for external AWS accounts

Description

Ensure IAM Roles do not have ReadOnlyAccess access for external AWS account. The AWS-managed ReadOnlyAccess policy carries a high risk of potential data leakage, posing a significant threat to customer security and privacy.

Query

Tables used in this query:

• aws_iam_role

Controls using this query:

• IAM roles should not have read only access for external AWS accounts

SQL