Introduction

What?

Pentester Academy labs for identifying, enumerating and exploiting overly permissive IAM users, roles and policies.

Why?

AWS Policies are a key foundation in good cloud security, but they are often overlooked.

How?

• IAM enumeration

• Misconfigured trust policy

• Overly permissive permission I

• Dangerous policy combination I

• Dangerous policy combination II

• Overly permissive permission II

• Pass Role: EC2

• Pass Role: Lambda

• Pass Role: CloudFormation