Hey guys, I'm trying to forward all my osquery queries running on various endpoints to AWS Kinesis Data Firehose using an IAM role rather than an access key ID. Does anyone know how I can lock down the trust relationship of the role, meaning who can assume this role? This is what I'm seeing and I'd like to avoid using the wildcard (*) as the principal:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}