0
votes

I have a cross-account role which gives some permissions to two Lambda functions from another account. Recently I noticed my cross-account role's trusted entities keep getting modified (the Lambda role ARNs have been removed from the trusted entities and I had to add them back). I'm not seeing any event in CloudTrail related to this change! So I talked to the other account's administrator and I figured out they have been removing and recreating those two Lambdas sometimes. So I assume AWS IAM would remove the trusted entity ARN from my role if the entity doesn't exist anymore. Is this a correct assumption?

1
I don't think AWS IAM is removing the policy. So another option to track what is happening is to use AWS Config, which shows when a role is changed. The other nice thing with Config is that it will link to the associated CloudTrail event.
WaltDe

1 Answer

0
votes

I have never seen an ARN be recreated like that. Seems like a bug in the service?
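The question and the comment above both come down to the same practical need: knowing, rather than noticing by accident, when the trust policy of a cross-account role no longer lists the principals it is supposed to. The following script is an added example, not code from the question or the answer. It audits a role's trust policy document against an expected allow-list of principal ARNs and reports principals that are missing, principals that were not expected, a wildcard principal, and principals that are no longer full ARNs (AWS documents that when a role or user referenced in a trust policy is deleted, its ARN in the policy is replaced by the principal's unique ID, so a bare ID is a sign that the referenced entity was deleted). The trust policy and the expected ARNs are constructed sample values with placeholder account numbers.

```python
"""Audit an IAM role trust policy against an expected set of principals.

Added example (not from the original thread). The policy document and
account IDs below are constructed sample data, not real values.
"""
import json
import re
from typing import Iterable, List, Set, Tuple

# ARN forms IAM accepts for account principals in a trust policy. Anything
# else under "Principal": {"AWS": ...} (other than "*") is an opaque unique
# principal ID, which is what IAM leaves behind once the referenced role or
# user has been deleted.
ARN_RE = re.compile(r"^arn:aws[a-z-]*:iam::\d{12}:(?:root|role/\S+|user/\S+)$")

# Constructed sample: lambda-role-a is still present as a full ARN, while the
# second entry has already degraded to a unique principal ID.
SAMPLE_TRUST_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": [
            "arn:aws:iam::111111111111:role/lambda-role-a",
            "AROAEXAMPLEPRINCIPALID",
        ]},
        "Action": "sts:AssumeRole",
    }],
})

# Constructed allow-list: the two Lambda execution roles that should be trusted.
EXPECTED_PRINCIPALS = {
    "arn:aws:iam::111111111111:role/lambda-role-a",
    "arn:aws:iam::111111111111:role/lambda-role-b",
}


def _as_list(value) -> List:
    """IAM policy fields may be a scalar or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def extract_assume_role_principals(policy_json: str) -> Tuple[Set[str], bool]:
    """Return (AWS principals, wildcard_seen) from Allow statements that grant sts:AssumeRole."""
    policy = json.loads(policy_json)
    principals: Set[str] = set()
    wildcard = False
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        actions = {a.lower() for a in _as_list(stmt.get("Action"))}
        if not actions & {"sts:assumerole", "sts:*", "*"}:
            continue
        principal = stmt.get("Principal")
        if principal == "*":
            wildcard = True
            continue
        # Only account principals are audited here; "Service" and "Federated"
        # principals are deliberately left alone.
        for p in _as_list((principal or {}).get("AWS")):
            if p == "*":
                wildcard = True
            else:
                principals.add(p)
    return principals, wildcard


def audit_trust_policy(policy_json: str, expected: Iterable[str]) -> dict:
    """Compare the policy's AssumeRole principals with the expected allow-list."""
    expected_set = set(expected)
    found, wildcard = extract_assume_role_principals(policy_json)
    return {
        "missing": sorted(expected_set - found),          # trust silently dropped
        "unexpected": sorted(found - expected_set),       # trust nobody approved
        "opaque_ids": sorted(p for p in found if not ARN_RE.match(p)),  # deleted principals
        "wildcard": wildcard,                             # any account may assume
    }


if __name__ == "__main__":
    report = audit_trust_policy(SAMPLE_TRUST_POLICY, EXPECTED_PRINCIPALS)
    print(json.dumps(report, indent=2))
```

To run it against a live role, feed `audit_trust_policy` the document returned by `aws iam get-role --role-name <ROLE_NAME> --query Role.AssumeRolePolicyDocument` (the document comes back URL-decoded as JSON) and run it on a schedule; a non-empty `missing` or `opaque_ids` list is the point at which to look at the AWS Config timeline for the role, as the comment above suggests.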