Ensure AWS IAM policies do not grant 'assume role' permission across all services

Typically, you use AssumeRole within your account for cross-account access. In order to follow least privilege principles, it is recommended NOT to use AssumeRole across ALL the accounts.