AWS IAM privilege escalation paths (iam-vulnerable)

Hi readers recently I aws looking for resources to learn about IAM misconfigurations in AWS which might lead to privilege escalation. I came across a awsome project named

iam-vulnerable(https://github.com/BishopFox/iam-vulnerable) which allows to setup your own lab environment to play and test these misconfigured users, roles and groups. Here we will be looking into lab setup and some privesc paths :)

Setup:

Note: For viewing raw http requests sent from aws cli in a proxy tool like burpsuite (Check Appendix in the last) -

1. Create a new group named “Administrators” and attach “AdministratorAccess” policy to it.

2. Next add a new user(“terraform” in my case) and make this user member of “Administators” group.

3. Click on the “terraform” user and create access keys by going to “Security Credentials” tab.