🔥 3-day streak
AWS Certified Security - Specialty110 / 157
Question 110 of 157
A SaaS monitoring vendor needs read access to objects in your company's S3 buckets. The vendor asks you to create an IAM role that their AWS account can assume via sts:AssumeRole. Your security team is concerned that another customer of the same vendor could trick the vendor's software into accessing your buckets (a confused deputy attack). Which configuration in your role's trust policy most directly mitigates this risk?
Reviewed for accuracy · Report an issueNext question