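# Check metadata for check118. The ID, title, scored flag and type are empty
# strings in this copy of the file.
CHECK_ID_check118=""
CHECK_TITLE_check118=""
CHECK_SCORED_check118=""
CHECK_TYPE_check118=""
CHECK_ALTERNATE_check118="check118"

#######################################
# "Ensure IAM Master and IAM Manager roles are active (Scored)"
#
# Lists IAM roles whose name contains "Master" or "Manager" and prints, for
# each one, the AWS CLI commands an auditor can run to inspect its inline and
# attached policies against section 1.18 of the guide.
#
# The name match is only a heuristic: a hit is a candidate that still needs
# its policies reviewed, and "not found" can simply mean the account uses a
# different naming scheme.
#
# Globals:
#   AWSCLI, PROFILE_OPT, REGION, ID118, TITLE118 (read)
#   FINDMASTERANDMANAGER, INLINEPOLICIES, ATTACHEDPOLICIES (written)
# Outputs:
#   Findings via textTitle / textNotice / textWarn.
#######################################
check118(){
  local all_roles role policy policy_arn

  textTitle "$ID118" "$TITLE118" "SCORED" "LEVEL1"

  # $AWSCLI and $PROFILE_OPT are left unquoted on purpose: each may hold
  # several words (for example a "--profile NAME" pair) or be empty.
  # shellcheck disable=SC2086
  if ! all_roles=$($AWSCLI iam list-roles $PROFILE_OPT --region "$REGION" --query "Roles[*].{RoleName:RoleName}" --output text); then
    # A failed API call (missing permission, bad credentials) is reported as
    # such instead of being mistaken for "no such roles exist".
    textWarn "Unable to list IAM roles; IAM Master and IAM Manager roles could not be checked"
    return
  fi

  # One role name per line from the CLI; keep the candidates and join them
  # with spaces so they print on a single notice line.
  FINDMASTERANDMANAGER=$(printf '%s\n' "$all_roles" | grep -E 'Master|Manager' | tr '\n' ' ')

  if [[ -n "$FINDMASTERANDMANAGER" ]]; then
    textNotice "Found next roles as possible IAM Master and IAM Manager candidates: "
    textNotice "$FINDMASTERANDMANAGER "
    textNotice "run the commands below to check their policies with section 1.18 in the guide..."

    # Word splitting is intended here: the list is whitespace separated.
    # shellcheck disable=SC2086
    for role in $FINDMASTERANDMANAGER; do
      # find inline policies in found roles
      # shellcheck disable=SC2086
      INLINEPOLICIES=$($AWSCLI iam list-role-policies --role-name "$role" $PROFILE_OPT --region "$REGION" --query "PolicyNames[*]" --output text)
      for policy in $INLINEPOLICIES; do
        textNotice "INLINE: $AWSCLI iam get-role-policy --role-name $role --policy-name $policy $PROFILE_OPT --region $REGION --output json"
      done

      # find attached policies in found roles
      # Attached (managed) policies are addressed by ARN, and get-role-policy
      # only reads inline policies, so the hint uses get-policy instead. Its
      # output names the default version, whose document can then be read
      # with get-policy-version.
      # shellcheck disable=SC2086
      ATTACHEDPOLICIES=$($AWSCLI iam list-attached-role-policies --role-name "$role" $PROFILE_OPT --region "$REGION" --query "AttachedPolicies[*].PolicyArn" --output text)
      for policy_arn in $ATTACHEDPOLICIES; do
        textNotice "ATTACHED: $AWSCLI iam get-policy --policy-arn $policy_arn $PROFILE_OPT --region $REGION --output json"
      done
    done
  else
    textWarn "IAM Master and IAM Manager roles not found"
  fi
}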