Aqua CSPM

No Custom Owner Roles

Quick Info

Plugin TitleNo Custom Owner Roles
CloudAZURE
CategoryActive Directory
DescriptionEnsures that no custom owner roles exist.
More InfoSubscription owners should not include permissions to create custom owner roles. This follows the principle of least privilege.
AZURE Linkhttps://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles
Recommended ActionRemove roles that allow permissions to create custom owner roles.

Detailed Remediation Steps