Permissions required for Misconfigurations Detection

  arn:aws:iam::aws:policy/SecurityAudit
  arn:aws:iam::aws:policy/ReadOnlyAccess

  account:GetAccountInformation
  s3:ListBucket
  lambda:GetFunction
  dynamodb:DescribeTableReplicaAutoScaling
  sns:GetSubscriptionAttributes
  cloudwatch:GetMetricStatistics
  cloudwatch:ListMetrics
  billing:Get*
  payments:List*
  budgets:Describe*
  budgets:View*
  ce:Get*
  ce:Describe*
  ce:List*
  cur:Describe*
  cur:GetUsage*
  pricing:*
  account:GetAccountInformation
  savingsplans:Describe*