inspector:RegisterCrossAccountAccessRole is a Write access-level action in the inspector service. Grants permission to register the IAM role that Amazon Inspector uses to list your EC2 instances at the start of the assessment run or when you call the PreviewAgents action
This action does not support resource-level permissions; use "Resource": "*" in your policy.
No condition keys are documented for this action.
A minimal policy that allows inspector:RegisterCrossAccountAccessRole. Replace "Resource": "*" with a specific ARN to follow least privilege.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowInspectorRegisterCrossAccountAccessRole",
"Effect": "Allow",
"Action": "inspector:RegisterCrossAccountAccessRole",
"Resource": "*"
}
]
}