MEDIUM
Source: CloudSploit
ID: cloudformation-admin-priviliges

CloudFormation Admin Privileges

Ensures that no AWS CloudFormation stack in your AWS account has admin privileges.

A service role is an AWS Identity and Access Management (IAM) role that allows AWS CloudFormation to make calls to resources in a stack on your behalf. You can specify an IAM role that allows AWS CloudFormation to create, update, or delete your stack resources.

Modify the IAM role attached to the AWS CloudFormation stack so that it provides the minimal amount of access required to perform its tasks.
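
A sketch of the check described above, as an added example (not CloudSploit's own code): it flags stacks whose service role has the AWS managed AdministratorAccess policy attached or an inline statement allowing every action on every resource. The function names, the `roles` lookup shape, the sample data, and the choice to treat `Action: "*"` with `Resource: "*"` as admin are assumptions of this example.

```javascript
// Added example: runs offline over constructed data; not CloudSploit's code.
const ADMIN_POLICY_ARN = 'arn:aws:iam::aws:policy/AdministratorAccess';
const asArray = (v) => (v === undefined ? [] : Array.isArray(v) ? v : [v]);

// True when a document has an Allow statement for every action on every
// resource. Statement, Action and Resource may each be a scalar or a list.
// Conditions are ignored, so a conditioned wildcard is still reported.
function grantsAdmin(doc) {
  return asArray(doc.Statement).some((s) =>
    s.Effect === 'Allow' &&
    asArray(s.Action).includes('*') &&
    asArray(s.Resource).includes('*'));
}

// stacks: objects with StackName and RoleARN (as DescribeStacks returns them).
// roles: hypothetical lookup, role ARN -> { managed: [policy ARNs], inline: [docs] }.
function findAdminStacks(stacks, roles) {
  const findings = [];
  for (const { StackName, RoleARN } of stacks) {
    if (!RoleARN) continue; // no service role attached to this stack
    const role = roles[RoleARN] || { managed: [], inline: [] };
    if (role.managed.includes(ADMIN_POLICY_ARN)) {
      findings.push({ stack: StackName, reason: 'AdministratorAccess attached' });
    } else if (role.inline.some(grantsAdmin)) {
      findings.push({ stack: StackName, reason: 'inline policy allows * on *' });
    }
  }
  return findings;
}

// Constructed sample data (account ID and names are placeholders).
const roles = {
  'arn:aws:iam::111122223333:role/cfn-admin': { managed: [ADMIN_POLICY_ARN], inline: [] },
  'arn:aws:iam::111122223333:role/cfn-wild': { managed: [], inline: [
    { Version: '2012-10-17', Statement: { Effect: 'Allow', Action: ['*'], Resource: '*' } }] },
  'arn:aws:iam::111122223333:role/cfn-s3': { managed: [], inline: [
    { Version: '2012-10-17', Statement: [
      { Effect: 'Allow', Action: ['s3:CreateBucket', 's3:DeleteBucket'], Resource: '*' },
      { Effect: 'Deny', Action: '*', Resource: '*' }] }] },
};
const stacks = [
  { StackName: 'network', RoleARN: 'arn:aws:iam::111122223333:role/cfn-admin' },
  { StackName: 'legacy', RoleARN: 'arn:aws:iam::111122223333:role/cfn-wild' },
  { StackName: 'buckets', RoleARN: 'arn:aws:iam::111122223333:role/cfn-s3' },
  { StackName: 'no-role' },
];

console.log(findAdminStacks(stacks, roles));
```

The `buckets` stack passes because its only wildcard statement is a Deny, and `no-role` is skipped because it has no service role to evaluate.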