[AWS ORG] Permissions for our new organization account

[jeniawhite]

Motivation
Investigating the errors in the long living environment of the QA, I saw that we have a lot of errors on our new organization account.
We should make sure that we have permissions to perform our scans correctly.
Example:

failed to aggregate monitoring resources: operation error CloudTrail: DescribeTrails, get identity: get credentials: failed to refresh cached credentials, operation error STS: AssumeRole, https response error StatusCode: 403, RequestID: ID, api error AccessDenied: User: arn:aws:sts::ORGID:assumed-role/cloudbeat-root/aws-go-sdk-1720620241428501785 is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::OTHERID:role/cloudbeat-securityaudit

I saw that we have hundreds of errors like that to different resources.

Definition of done
What needs to be completed at the end of this task

• We should be able to scan organization resources

Out of scope
What should not be included in this task

Related tasks/epics
Reference related issues and epics