Showing Posts From
January 2023
-
Matthew Keogh 
Tom Taylor-MacLean - 17 Jan 2023
Dangers of a Service as a Principal in AWS Resource-Based Policies
A critical AWS security vulnerability involves overly permissive resource-based policies that can allow cross-account access to services like SNS and Lambda. These policies enable attackers to interact with resources without direct account permissions, potentially bypassing network restrictions. The attack can exploit AWS service principals to gain unauthorized access to sensitive resources across different AWS accounts.