IAM Role Trust Policies: Misconfigurations Hiding in Plain Sight(token.security)
token.security
IAM Role Trust Policies: Misconfigurations Hiding in Plain Sight
https://www.token.security/blog/iam-role-trust-policies-misconfigurations-hiding-in-plain-sight
2 comments
The instance profile example makes it seem like you need to specify the account for "Service": "ec2.amazonaws.com" just with another syntax, while service principals are always in the same account AFAIK.
[deleted]