7 Setting Up an IAM Privilege Escalation Lab

Imagine yourself setting up a shared cloud environment for a machine learning (ML) workshop for 100 participants. After preparing the cloud resources needed for the workshop session, you then proceed with the creation of Identity and Access Management (IAM) user accounts for accessing the resources running inside the cloud account. During the workshop session, you find out that all resources inside your cloud account have been deleted! It seems that the shared cloud account used by the workshop participants has been completely compromised. Upon investigation, you find out that one of the workshop participants was able to successfully escalate privileges by exploiting an IAM misconfiguration to gain ...

Get Building and Automating Penetration Testing Labs in the Cloud now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Building and Automating Penetration Testing Labs in the Cloud by Joshua Arvin Lat

7

Setting Up an IAM Privilege Escalation Lab

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly