AdministratorDecember 5, 2023 at 4:00 pm
Thanks for your valuable insight.
Yes, I agree with you. For the usage of IAM roles to make sense, a trust policy with a valid principal representing the auditor (be it an IAM user or federated user) must be established first. Without specifying the auditor’s origin, creating an IAM user with read permissions could be a viable solution as well.
We’ll make sure to clarify and refine the wording to remove any confusion.
Let me know if you have further clarifications.
Carlo @ Tutorials Dojo