Passed roles

When a CloudFormation stack is created, there is the option to pass it an IAM role for the deployment process. If a role is passed, the stack is deployed using that role's permissions; if no role is passed, CloudFormation simply uses the permissions of the user making the call. This opens the possibility of privilege escalation through stacks that were already passed a role when they were created.

Let's say that a user we compromised has "cloudformation:*" permissions, but not "iam:PassRole". This means that we cannot escalate our privileges by creating a new stack and passing it a role with higher privileges than what we have (because that requires the "iam:PassRole" permission), but it does mean that we can modify ...
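From the defender's side, the first step is knowing which stacks carry a passed service role at all, since each one is a place where an update permission turns into that role's permissions. The following script is an added example, not code from the book: it walks stack descriptions in the shape of boto3's `cloudformation.describe_stacks()` response (the sample data, account ID, role names and the `APPROVED_SERVICE_ROLES` allow-list are all constructed), reports every stack with a `RoleARN`, and flags those whose role is not on the approved list. The optional `fetch_stacks_from_aws()` helper uses the real `describe_stacks` paginator if boto3 and credentials are available.

```python
"""Inventory CloudFormation stacks that were created with a passed service role.

Added example (not from the book). Input records follow the shape of
boto3's cloudformation.describe_stacks()["Stacks"]; everything below is
constructed sample data, including the account ID and role names.
"""

# Constructed sample in the shape of describe_stacks()["Stacks"].
SAMPLE_STACKS = [
    {
        "StackName": "web-tier",
        "StackStatus": "CREATE_COMPLETE",
        "RoleARN": "arn:aws:iam::123456789012:role/cfn-deploy-admin",
    },
    {
        # No RoleARN: operations on this stack run with the caller's own
        # permissions, so it cannot grant anything the caller lacks.
        "StackName": "logging",
        "StackStatus": "UPDATE_COMPLETE",
    },
    {
        "StackName": "data-pipeline",
        "StackStatus": "CREATE_COMPLETE",
        "RoleARN": "arn:aws:iam::123456789012:role/cfn-pipeline-deploy",
    },
]

# Constructed allow-list of roles that are expected to be used as
# CloudFormation service roles in this account.
APPROVED_SERVICE_ROLES = {
    "arn:aws:iam::123456789012:role/cfn-pipeline-deploy",
}


def stacks_with_passed_roles(stacks):
    """Return {stack_name: role_arn} for every stack that carries a service role.

    Any principal allowed cloudformation:UpdateStack on one of these stacks
    gets its changes executed with that role's permissions, and needs no
    iam:PassRole to do so, because the role was passed at creation time.
    """
    return {s["StackName"]: s["RoleARN"] for s in stacks if s.get("RoleARN")}


def unapproved_passed_roles(stacks, approved):
    """Return the subset of passed roles that are not on the allow-list."""
    return {
        name: arn
        for name, arn in stacks_with_passed_roles(stacks).items()
        if arn not in approved
    }


def role_name(arn):
    """Extract the role name from an IAM role ARN."""
    return arn.rsplit("/", 1)[-1]


def audit_report(stacks, approved):
    """Build a list of human-readable findings, one per stack with a role."""
    lines = []
    for name, arn in sorted(stacks_with_passed_roles(stacks).items()):
        status = "APPROVED" if arn in approved else "REVIEW"
        lines.append(f"[{status}] stack={name} service_role={role_name(arn)}")
    return lines


def fetch_stacks_from_aws(region_name=None):
    """Fetch live stack descriptions with boto3 (only used when available)."""
    import boto3  # imported lazily so the offline sample still runs

    client = boto3.client("cloudformation", region_name=region_name)
    stacks = []
    for page in client.get_paginator("describe_stacks").paginate():
        stacks.extend(page["Stacks"])
    return stacks


if __name__ == "__main__":
    for line in audit_report(SAMPLE_STACKS, APPROVED_SERVICE_ROLES):
        print(line)
```

Stacks that show up as REVIEW are the ones to reconcile: either the role belongs on the allow-list, or the set of principals allowed to call `cloudformation:UpdateStack` on that stack should be checked against what the role itself can do.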
