ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-13 00:05:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(iam): add IAM privilege escalation cases (#2921)

Browse Source
This commit is contained in:
Sergio Garcia
2023-10-10 12:41:02 +02:00
committed by GitHub
parent 236dea9d26
commit 08b2ea01ab
2 changed files with 110 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
prowler/providers/aws/services/iam/iam_policy_allows_privilege_escalation/iam_policy_allows_privilege_escalation.py
View File

@@ -20,6 +20,8 @@ from prowler.providers.aws.services.iam.iam_client import iam_client
class iam_policy_allows_privilege_escalation(Check):
def execute(self) -> Check_Report_AWS:
privilege_escalation_policies_combination = {
"OverPermissiveIAM": {"iam:*"},
"IAMPut": {"iam:Put*"},
"CreatePolicyVersion": {"iam:CreatePolicyVersion"},
"SetDefaultPolicyVersion": {"iam:SetDefaultPolicyVersion"},
"iam:PassRole": {"iam:PassRole"},