Get Involved
Query: IAM roles should not have cross-account write access policies
Description
This control checks whether IAM roles have policies that allow write access to resources in other AWS accounts. Such policies can pose a security risk as they may allow unauthorized access to resources in other accounts.
Query
Tables used in this query:
Controls using this query: