The Accounting department at Example Corp. has made a decision to hire a third-party firm, AnyCompany, to monitor Example Corp.'s AWS account to help optimize costs.
The Security Engineer for Example Corp. has been tasked with providing AnyCompany with access to the required Example Corp. AWS resources. The Engineer has created an IAM role and granted permission to AnyCompany's AWS account to assume this role.
When customers contact AnyCompany, they provide their role ARN for validation. The Engineer is concerned that one of AnyCompany's other customers might deduce Example Corp.'s role ARN and potentially compromise the company's account.
What steps should the Engineer perform to prevent this outcome?
kiev
Highly Voted 3 years, 8 months agocissp4365
Highly Voted 3 years, 8 months agoRaphaello
Most Recent 1 year, 4 months agoscanner2
2 years agoITGURU51
2 years, 3 months agojishrajesh
2 years, 6 months agotobedeleted
2 years, 8 months agosapien45
2 years, 11 months agoRadhaghosh
3 years, 5 months agoLarsson
3 years, 8 months agoNANDY666
3 years, 8 months agoDanMuniz
3 years, 8 months agoforeverlate88
3 years, 8 months agodeegadaze1
3 years, 8 months agotesting4321
3 years, 8 months agoAwraith
3 years, 9 months agoBigDaddyNeo
3 years, 7 months agodroogie
3 years, 8 months agogfhbox0083
3 years, 9 months agoGSH
3 years, 9 months ago