IAM - Privilege Escalation
Tips and tricks for escalating privileges using IAM actions.
iam:CreatePolicyVersion and iam:SetDefaultPolicyVersion
If these two actions are available, you can update a policy with modified permissions and enable it for use.
Create an IAM permissions policy locally saved to a JSON file e.g.,
pageEscalate Privileges by IAM Policy Rollback
iam:SetExistingDefaultPolicyVersion
If this action is available, you can attach a different version of an IAM policy to an IAM user.
Potentially, another policy has a different set of privileges to give you more or new access.
iam:AttachUserPolicy
If this action is available, you can attach a new policy to an IAM user
iam:UpdateAssumeRolePolicy
With this action, you can modify an IAM Role's Trust Policy and enable yourself to assume it
You could choose an IAM user, role, or service
Last updated