Lateral movement

Privileged Managed Policy – User Management


An IAM Managed Policy is an object in AWS that, when attached to an identity or resource, defines its permissions. The policy {AwsIamManagedPolicy} was found to grant permissive permissions: it allows the holder to create access keys for a user, or to create or update console login credentials (login profiles). An attacker may use this ability to create or update credentials for a user other than themselves, then log in and act on behalf of that user.
• Recommended Mitigation

    Review the policy and consider removing any of the following actions: iam:CreateLoginProfile, iam:UpdateLoginProfile, iam:CreateAccessKey.
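The review described above can be automated against policy documents. The following is an added example, not code from the original finding or from AWS: it reports which of the three credential-creation actions an IAM policy document allows, expanding action wildcards such as "iam:*" or "iam:Create*", and treats a statement whose resources are all scoped to the caller's own user via ${aws:username} as self-service rather than a grant over other users. The sample policies and the account id in them are constructed placeholders.

```python
"""Flag IAM policies that grant credential-creation rights on other users.

Added example, not part of the original finding. Action wildcards such as
"iam:*" or "iam:Create*" are expanded; a statement whose resources are all
scoped to the caller's own user via ${aws:username} counts as self-service.
"""
import fnmatch

RISKY_ACTIONS = ("iam:CreateLoginProfile", "iam:UpdateLoginProfile",
                 "iam:CreateAccessKey")


def _as_list(value):
    """IAM allows a string or a list for Action/Resource; normalize to a list."""
    return [] if value is None else value if isinstance(value, list) else [value]


def _self_scoped(resources):
    """True when every resource ARN is limited to the caller's own IAM user."""
    return bool(resources) and all("${aws:username}" in r for r in resources)


def risky_grants(policy_document):
    """Sorted risky actions that Allow statements grant on other users."""
    # Deny statements are not evaluated; a non-empty result is a review trigger.
    found = set()
    for stmt in _as_list(policy_document.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        if _self_scoped(_as_list(stmt.get("Resource"))):
            continue
        for pattern in _as_list(stmt.get("Action")):
            # IAM action names match case-insensitively and accept "*" and "?".
            found.update(a for a in RISKY_ACTIONS
                         if fnmatch.fnmatchcase(a.lower(), pattern.lower()))
    return sorted(found)


# Constructed sample: the broad grant the finding describes.
PERMISSIVE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["iam:Create*", "iam:UpdateLoginProfile"],
     "Resource": "*"}]}

# Constructed sample: same capability limited to the caller's own user
# (account id 123456789012 is a placeholder).
SELF_SERVICE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "iam:CreateAccessKey",
     "Resource": "arn:aws:iam::123456789012:user/${aws:username}"}]}
```

Run `risky_grants` over each managed policy's default version document; the permissive sample reports all three actions while the self-service sample reports none.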