This is the accompanying code to the blog post Automate resolution for IAM Access Analyzer cross-account access findings on IAM roles.
This code example utilizes the AWS Cloud Development Kit.
This example also expects that AWS IAM Access Analyzer with the account analyzer is enabled in the target region. You can find the AWS CloudFormation template in this repo here. If you wish to enable IAM Access Analyzer across your organization, there is a stack set creation script in this repo here and there is a more detailed blost post Enabling AWS IAM Access Analyzer on AWS Control Tower accounts.
cdk bootstrap
cdk deploy --parameters EmailSubscriptionParameter=YOUR_EMAIL_ADDRESS_HERE