| Plugin Title | No Custom Owner Roles |
| Cloud | AZURE |
| Category | Active Directory |
| Description | Ensures that no custom owner roles exist. |
| More Info | Subscription owners should not include permissions to create custom owner roles. This follows the principle of least privilege. |
| AZURE Link | https://docs.microsoft.com/en-us/azure/role-based-access-control/custom-roles |
| Recommended Action | Remove roles that allow permissions to create custom owner roles. |