AWS IAM role with external cross-account trust relationship does not use an external ID

iam
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Description

To reduce the risk of confused deputy attacks, external vendors should use an external ID when assuming a role in your AWS account.

Rationale

The use of external IDs mitigate the risk of confused deputy attacks.

Remediation

Ensure all external identities use an external ID when assuming a role in your AWS account.