
The Over-Privileged User

Max room.

Dive into a common IAM misconfiguration: a user is "temporarily" granted far too much power, then learn to spot it and scope it down.

Difficulty: medium

Duration: 30 min

1


A developer named Carl joined the team and needed access to . An overzealous admin, with little time to spare, gave him full Administrator rights directly.
"We'll scope it later," said the admin as he rushed to the next task.

Weeks pass, and the developer still has unrestricted access to every service and resource. What comes later may well be a security breach.

In this room, you will take on the role of a security analyst who audits user permissions, identifies and remediates misconfigurations, and develops a secure deployment strategy.

Learning Objectives

  • Understand how policy evaluation works
  • Identify over-permissive policies on users
  • Remove excessive permissions with scoped, least-privilege policies
  • Design a group-based model
  • Use Policy Simulator to validate permission changes

Prerequisites


Let's get to work.