Ethical Hacking Academy · Lesson

IAM Misconfigurations

Over-permissive roles.

Why IAM Is the Real Perimeter

In the cloud, identity is the new perimeter. IAM (Identity and Access Management) decides who can do what. A flaw in IAM lets an attacker move from a low-privilege foothold to full account control.

  • Users, roles, and service accounts are identities
  • Policies define permissions
  • Misconfigured policies are the number-one cloud risk

Most cloud privilege escalation is an IAM problem.

Users, Roles, and Policies

AWS IAM has three building blocks you must understand:

  • Users — long-lived identities with access keys
  • Roles — temporary identities that can be assumed by users or services
  • Policies — JSON documents granting or denying actions on resources

A policy attached too broadly is how over-permissioning happens. For comparison, a tightly scoped statement grants one action on one resource, as in this complete policy document:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::reports-bucket/*"
    }
  ]
}
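As an added example, not part of the lesson, here is a small Python linter that applies the point above to policy documents: it walks each Allow statement and flags wildcard actions or resources, which is the shape over-permissioning usually takes. The two policies it checks are constructed for the example; the scoped one is the lesson's statement wrapped in a full policy document, and the over-permissive one is invented to show what the linter reports.

```python
import json

# Constructed sample 1: the lesson's tightly scoped statement inside a complete policy.
SCOPED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::reports-bucket/*",
        }
    ],
}

# Constructed sample 2: an over-permissive policy made up for this example.
OVERLY_BROAD_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "s3:*", "Resource": "*"},
        {"Effect": "Allow", "Action": ["iam:PassRole", "sts:AssumeRole"], "Resource": "*"},
        # A Deny statement can only remove permissions, so the linter ignores it.
        {"Effect": "Deny", "Action": "*", "Resource": "*"},
    ],
}


def _as_list(value):
    """IAM lets Action/Resource be a single string or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def find_over_permissive(policy: dict) -> list[dict]:
    """Return one finding per Allow statement that uses a wildcard action or resource.

    Severity:
      critical - a wildcard action ("*" or "svc:*") combined with Resource "*"
      high     - either Resource "*" or a wildcard action, but not both
      medium   - an action prefix wildcard such as "s3:Get*" on a scoped resource

    Limitation (deliberate, to keep the example small): statements using NotAction,
    NotResource or Condition are not evaluated, so absence of findings is not proof
    of least privilege.
    """
    findings = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action"))
        resources = _as_list(stmt.get("Resource"))

        full_wild_action = "*" in actions
        service_wild_action = any(a.endswith(":*") for a in actions)
        prefix_wild_action = any(
            "*" in a and a != "*" and not a.endswith(":*") for a in actions
        )
        # Only a bare "*" is a wildcard resource; "arn:...:bucket/*" is still scoped
        # to one bucket and is not flagged.
        wild_resource = "*" in resources

        if not (full_wild_action or service_wild_action or prefix_wild_action or wild_resource):
            continue

        if wild_resource and (full_wild_action or service_wild_action):
            severity = "critical"
        elif wild_resource or full_wild_action or service_wild_action:
            severity = "high"
        else:
            severity = "medium"

        findings.append({
            "statement_index": idx,
            "actions": actions,
            "resources": resources,
            "severity": severity,
        })
    return findings


def lint_policy_json(text: str) -> list[dict]:
    """Convenience wrapper for policy documents held as JSON text."""
    return find_over_permissive(json.loads(text))


if __name__ == "__main__":
    for name, policy in (("scoped", SCOPED_POLICY), ("broad", OVERLY_BROAD_POLICY)):
        print(f"{name}: {len(find_over_permissive(policy))} finding(s)")
        for f in find_over_permissive(policy):
            print(f"  statement {f['statement_index']}: {f['severity']} "
                  f"actions={f['actions']} resources={f['resources']}")
```

Run against the scoped policy it reports nothing; against the broad one it flags statement 0 as critical (service wildcard on every resource) and statement 1 as high (specific actions, but on every resource). Feeding it the JSON you retrieve for each customer-managed policy in an account gives a quick first pass before a manual least-privilege review.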
