Customize Built-In IAM Roles
Stax provides three levels of access to AWS accounts: Admin, User, and Read Only. These levels cannot be customized at the present time.
When you use Stax to single sign-on into your AWS accounts, you can grant your users access to accounts using one of three predefined roles.
In some circumstances, the permissions of these roles may not be suitable for your organization's requirements. Presently, Stax does not support customizing of these roles. If you need to use alternative roles, you could consider either limiting actions account-wide using Stax Policies, or integrating a third-party identity provider with your AWS accounts directly. Two examples of this are to use Azure AD or Okta.