The permissions granted to a role should be kept to the minimum required to be able to do the task. Wildcard permissions must not be used.
Open permissions for subscriptions could result in an easily compromisable account
Use targeted permissions for roles
The following example will fail the azure-authorization-limit-role-actions check.
The following example will pass the azure-authorization-limit-role-actions check.