rspec/rules/S6385/description.adoc
daniel-teuchert-sonarsource 14dbf9d5f3
APPSEC-1088: S6385 Improve RSPEC (#3092)
## Review

A dedicated reviewer checked the rule description successfully for:

- [ ] logical errors and incorrect information
- [ ] information gaps and missing content
- [ ] text style and tone
- [ ] PR summary and labels follow [the guidelines](https://github.com/SonarSource/rspec/#to-modify-an-existing-rule)

---------

Co-authored-by: Loris S. <91723853+loris-s-sonarsource@users.noreply.github.com>
2023-09-20 14:45:38 +02:00


Defining a custom role for a Subscription or a Management Group that allows all actions gives its assignees the same capabilities as the built-in Owner role.
This rule raises an issue when a custom role has an assignable scope set to a Subscription or a Management Group and allows all actions (``++*++``).
To reduce the risk posed by a compromised owner account, it is recommended to limit the number of subscription owners.
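The check the rule describes, written out as an added example (not the rule's own implementation): it flags a custom role whose actions contain the bare wildcard and whose assignable scopes include a whole subscription or management group, and shows a corrected role beside the risky one. It assumes the ARM-template role definition shape (`properties.permissions[].actions`, `properties.assignableScopes`) and uses placeholder ids.

```python
import re

# Assumed ARM-template shape: properties.permissions[].actions and
# properties.assignableScopes. Scope patterns for the two scope kinds the
# rule cares about; a resource-group scope is deliberately not matched.
SUBSCRIPTION_SCOPE = re.compile(r"^/subscriptions/[^/]+/?$", re.IGNORECASE)
MANAGEMENT_GROUP_SCOPE = re.compile(
    r"^/providers/Microsoft\.Management/managementGroups/[^/]+/?$", re.IGNORECASE
)

def is_broad_scope(scope: str) -> bool:
    """True for a whole subscription or management group;
    /subscriptions/<id>/resourceGroups/<name> does not match."""
    return bool(SUBSCRIPTION_SCOPE.match(scope) or MANAGEMENT_GROUP_SCOPE.match(scope))

def grants_all_actions(permissions: list) -> bool:
    """True when a permission block lists the bare wildcard "*" as an action.
    A provider wildcard such as "Microsoft.Compute/*" is not "all actions"."""
    return any("*" in perm.get("actions", []) for perm in permissions)

def owner_equivalent_scopes(role_definition: dict) -> list:
    """Scopes at which this custom role is equivalent to the built-in Owner role."""
    props = role_definition.get("properties", role_definition)
    if not grants_all_actions(props.get("permissions", [])):
        return []
    return [s for s in props.get("assignableScopes", []) if is_broad_scope(s)]

# Constructed sample with placeholder ids: this is the case the rule reports.
RISKY_ROLE = {
    "properties": {
        "roleName": "custom-everything",
        "permissions": [{"actions": ["*"], "notActions": []}],
        "assignableScopes": [
            "/subscriptions/00000000-0000-0000-0000-000000000000",
            "/providers/Microsoft.Management/managementGroups/mg-placeholder",
        ],
    }
}

# Corrected version: the same kind of scope, but only the actions the role needs.
FIXED_ROLE = {
    "properties": {
        "roleName": "custom-vm-reader",
        "permissions": [{"actions": ["Microsoft.Compute/*/read"], "notActions": []}],
        "assignableScopes": ["/subscriptions/00000000-0000-0000-0000-000000000000"],
    }
}
```

`owner_equivalent_scopes(RISKY_ROLE)` returns both broad scopes, while the corrected role returns an empty list.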