Providing read access for Anodot using a cross-account AWS role