How can I traverse the graph to find identities that have root-like privileges?
crystralRamirez
I’m trying to identify all human users that have the ability to become a root user in an AWS production account. How can I traverse the graph of trust to also find identities that have root-like privileges (e.g. admin or impersonation) on those admin accounts, and identities that have permission to those indirect admin accounts, etc.? (I’m using “root” imprecisely here, but hopefully you understand the intent.)
Answers
You can try this to show admin policies:

find * that assigned AccessPolicy that allows aws_account where allows.admin=true

If you want only full control policies:

find * that assigned AccessPolicy that allows aws_account where allows.permission='FULL_CONTROL'

To query for assume role trusts:

find * that assigned aws_iam_role that assigned AccessPolicy that allows aws_account where allows.admin=true
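The queries above each cover one hop (a principal assigned an admin policy, or one role in between). The question also asks for the transitive case: users who can assume a role that can assume another role that is admin, and so on. The following is an added example, not from the original answer or from JupiterOne: a reverse breadth-first traversal over a small constructed graph, with entity classes and edge verbs (ASSIGNED, ALLOWS, CAN_ASSUME) defined here as assumptions rather than as the product's schema. It generalises the one-hop queries to arbitrary-depth role chains and returns the path that makes each identity admin.

```python
from collections import deque

# Constructed sample graph (not JupiterOne data or schema): entity id -> class,
# and directed edges (source, verb, target, properties). The edge verbs are
# this example's own convention: ASSIGNED = principal holds policy,
# ALLOWS = policy grants on account, CAN_ASSUME = principal may assume role.
ENTITIES = {
    "alice": "aws_iam_user", "bob": "aws_iam_user", "carol": "aws_iam_user",
    "dave": "aws_iam_user", "AdminRole": "aws_iam_role",
    "DeployRole": "aws_iam_role", "AdminPolicy": "AccessPolicy",
    "ReadOnlyPolicy": "AccessPolicy", "prod": "aws_account",
}
EDGES = [
    ("AdminPolicy", "ALLOWS", "prod", {"admin": True}),
    ("ReadOnlyPolicy", "ALLOWS", "prod", {"admin": False}),
    ("alice", "ASSIGNED", "AdminPolicy", {}),        # direct admin
    ("bob", "ASSIGNED", "ReadOnlyPolicy", {}),       # read-only, not admin
    ("AdminRole", "ASSIGNED", "AdminPolicy", {}),    # role holding admin
    ("carol", "CAN_ASSUME", "AdminRole", {}),        # one hop via a role
    ("DeployRole", "CAN_ASSUME", "AdminRole", {}),   # role chaining
    ("dave", "CAN_ASSUME", "DeployRole", {}),        # two hops
    ("AdminRole", "CAN_ASSUME", "DeployRole", {}),   # cycle: must not loop
]


def transitive_admins(edges, account):
    """Return {entity: path} for every entity that reaches an admin policy on
    `account`, directly or through any chain of CAN_ASSUME edges."""
    admin_policies = {s for s, v, t, p in edges
                      if v == "ALLOWS" and t == account and p.get("admin")}
    paths, queue = {}, deque()
    for s, v, t, _ in edges:                 # seed with direct admins
        if v == "ASSIGNED" and t in admin_policies and s not in paths:
            paths[s] = [s, t, account]
            queue.append(s)
    while queue:                             # walk CAN_ASSUME edges backwards
        target = queue.popleft()
        for s, v, t, _ in edges:
            if v == "CAN_ASSUME" and t == target and s not in paths:
                paths[s] = [s] + paths[target]   # visited-set check breaks cycles
                queue.append(s)
    return paths


def human_admins(entities, edges, account):
    """Restrict the transitive result to user principals, as the question asks."""
    return {i: p for i, p in transitive_admins(edges, account).items()
            if entities[i] == "aws_iam_user"}


if __name__ == "__main__":
    for user, path in human_admins(ENTITIES, EDGES, "prod").items():
        print(user, "->", " -> ".join(path[1:]))
```

Run on the sample graph it reports alice (direct), carol (one role hop) and dave (two role hops) and excludes bob, whose policy is not admin.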