IAM Policy Enumeration

Introduction

Call the IAM Service to enumerate access.

• List IAM Users

aws iam list-users

• List IAM Roles

aws iam list-roles

• List IAM Groups

aws iam list-groups

• List Attached Policies for a User

aws iam list-attached-user-policies --user-name <user>

REFERENCES

• https://hackingthe.cloud/aws/enumeration/enum_iam_user_role/

• https://rhinosecuritylabs.com/aws/aws-role-enumeration-iam-p2/

• https://guide.offsecnewbie.com/cloud-pentesting#tools

• https://guide.offsecnewbie.com/cloud-pentesting/enumeration