Some permissions to check roles

Author: fcracker79

modules/response_actions.cft.yaml

@@ -265,6 +265,9 @@ Resources:
           - Effect: Allow
             Action:
             - iam:GetRole
+            - iam:GetRolePolicy
+            - iam:ListRolePolicies
+            - iam:ListAttachedRolePolicies
             Resource:
             - !Sub "arn:${Partition}:iam::${AWS::AccountId}:role/sysdig-secure-ra-${NameSuffix}-*"
       Tags: