Hacktricks Aws High Quality Link

Having iam:AttachUserPolicy or iam:PutUserPolicy is effectively being an Administrator, as you can grant yourself the AdministratorAccess managed policy.

You might think "PassRole just allows attaching a role to a service. That seems fine." hacktricks aws

Use aws sts get-caller-identity to find out who you are (IAM User, Role, or Federated identity). hacktricks aws

This article explores the core pillars of AWS security through the lens of the HackTricks Cloud framework, offering a roadmap for both attackers and defenders. 1. The Foundation: AWS Enumeration hacktricks aws