Challenge 11 ☆☆☆☆
Welcome to challenge 11. You need to guess the secret that is hidden in Java, Docker, Kubernetes, Vault, AWS or GCP.
We’ve now used Parameter Store directly from within the app, but there’s an IAM problem…
Assume the role
cant-read-secrets and try some IAM privilege escalation. Don’t cheat using your own roles :)
Here is where tools like ScoutSuite can really help detecting issues with your IAM setup. IAM might provide paths towards privilege escalation. These paths can often be used to create and/or assume other more powerful roles which might actually allow you to (among other things) read the secret.
If you’re stuck, try spotting the error in Terraform.