AWS IAM role with external cross-account trust relationship does not use an external ID

iam

Description

To reduce the risk of confused deputy attacks, external vendors should use an external ID when assuming a role in your AWS account.

Rationale

The use of external IDs mitigate the risk of confused deputy attacks.

Remediation

Ensure all external identities use an external ID when assuming a role in your AWS account.

PREVIEWING: joe.farro/djm/djm-732-rm-dd-api-ips-databricks-docs