
The Overpowered Role

Investigate how an over-permissive role can be leveraged to escalate permissions and compromise an infrastructure.

medium

45 min


An application runs on an instance. Its basic requirement is to read from a specific bucket, but "someone" created a role with full access and wildcards in the policy. The application works, so nobody complained or revisited the permissions.

You will take on the role of a security analyst to investigate this misconfiguration, understand why it is bad, and learn to build it securely from day one.

Learning Objectives

  • Understand how instance profiles and roles work together
  • Understand how can expose role credentials
  • Identify over-privileged roles
  • Remediate and enforce security best practices
  • Build a secure service role from day one

Prerequisites

Answer the questions below

Power overwhelming.