AWS Built a Security Tool. It Introduced a Security Risk.
(If you missed the previous parts of this trust policy blog series, we recommend reading parts one and two first) In the previous post of this series, we explored four dangerous misconceptions regarding how to securely set up cross-account access in AWS environments. In this final post of the series, we’ll walk ...
Secure Cross-Account Access is Tricky. Four Common Dangerous Misconceptions
The core of secure cross-account access in AWS is IAM role trust policies. Even technically correct trust policies can open dangerous gaps in an organization’s risk surface. In this second part of a three-part series about IAM trust policies, we’ll dive deeper into cross-account trust policies, explaining four major misconceptions we ...
IAM Role Trust Policies: Misconfigurations Hiding in Plain Sight
Even small misconfigurations in role trust policies can unintentionally create critical privilege escalation risks in AWS, such as allowing low-privileged users to assume admin roles. In this first post of a three-part series on role trust policies, we’ll explore how AWS’s documentation makes these policies unnecessarily confusing and easy to misconfigure ...

