Public EC2 Instance IAM Profile has S3 Administrative Privileges

Tenacity Id: ec2-009
Risk Level: 3
Categories:
Last Updated: April 21, 2022

An Amazon Elastic Compute Cloud (EC2) instance with a public IP address is configured with an Identity and Access Management (IAM) role that grants administrative privileges to Simple Storage Service (S3). EC2 instances with public IP addresses are reachable from the Internet and are therefore more exposed to compromise by a remote attacker who could gain control of the instance. An EC2 instance configured with S3 administrative privileges is allowed to change S3 bucket ownership and permissions, and the contents of any bucket, without restriction. An attacker who gains control of the publicly exposed EC2 instance would inherit those administrative privileges over S3 through the instance profile credentials. Publicly exposed EC2 instances should have restricted IAM roles that grant only the specific S3 actions and buckets the workload needs.
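The following is an added example of how this finding can be evaluated offline from inventory data; it is not Tenacity's own rule implementation. It assumes a constructed list of S3 actions that count as "administrative" (the page does not publish the rule's action list), uses EC2 `describe-instances`-style fields (`PublicIpAddress`, `IamInstanceProfile.Arn`) and ordinary IAM policy documents, and applies IAM's case-insensitive wildcard matching for `Action`/`NotAction`. The sample instances, ARNs and policies are constructed; the second policy shows the kind of restricted, single-bucket read-only grant the finding recommends.

```python
"""Offline check: public EC2 instance whose instance profile grants S3 admin.

All instances, ARNs, IPs and policy documents below are constructed sample
data for this example, not real AWS resources.
"""
import fnmatch

# S3 actions that let a principal alter bucket ownership, permissions or
# contents without restriction. Constructed for this example; the finding's
# own action list is not published on the page.
S3_ADMIN_ACTIONS = [
    "s3:PutBucketPolicy",
    "s3:DeleteBucketPolicy",
    "s3:PutBucketAcl",
    "s3:PutObjectAcl",
    "s3:PutBucketOwnershipControls",
    "s3:DeleteBucket",
    "s3:DeleteObject",
]


def _as_list(value):
    """IAM allows a bare string or a list for Action/NotAction/Statement."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)


def action_pattern_covers(pattern, action):
    """IAM action matching: case-insensitive, with '*' and '?' wildcards."""
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())


def statement_grants_s3_admin(stmt):
    """True if a single Allow statement covers any S3 administrative action."""
    if stmt.get("Effect") != "Allow":
        return False
    if "NotAction" in stmt:
        # "Allow everything except X" is administrative unless every
        # S3 admin action is among the exclusions.
        excluded = _as_list(stmt["NotAction"])
        return any(
            not any(action_pattern_covers(p, a) for p in excluded)
            for a in S3_ADMIN_ACTIONS
        )
    patterns = _as_list(stmt.get("Action"))
    return any(
        action_pattern_covers(p, a) for p in patterns for a in S3_ADMIN_ACTIONS
    )


def policy_grants_s3_admin(policy):
    """True if any statement in the policy document grants S3 admin."""
    return any(statement_grants_s3_admin(s) for s in _as_list(policy.get("Statement")))


def find_public_instances_with_s3_admin(instances, profile_policies):
    """Return IDs of instances with a public IP whose profile grants S3 admin.

    instances: list of dicts shaped like EC2 describe-instances output.
    profile_policies: instance-profile ARN -> list of attached policy documents.
    """
    flagged = []
    for inst in instances:
        if not inst.get("PublicIpAddress"):
            continue  # private instance: outside the scope of this finding
        profile_arn = (inst.get("IamInstanceProfile") or {}).get("Arn")
        policies = profile_policies.get(profile_arn, [])
        if any(policy_grants_s3_admin(p) for p in policies):
            flagged.append(inst["InstanceId"])
    return flagged


# --- constructed sample data -------------------------------------------------
# Weak setting: unrestricted S3 access (the shape of a "full access" policy).
S3_FULL_ACCESS = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "s3:*", "Resource": "*"}],
}

# Restricted alternative: read-only access to one named bucket.
S3_READ_ONLY_ONE_BUCKET = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["s3:GetObject", "s3:ListBucket"],
        "Resource": [
            "arn:aws:s3:::example-app-assets",
            "arn:aws:s3:::example-app-assets/*",
        ],
    }],
}

ADMIN_PROFILE = "arn:aws:iam::123456789012:instance-profile/web-admin"
READONLY_PROFILE = "arn:aws:iam::123456789012:instance-profile/web-readonly"

SAMPLE_INSTANCES = [
    {"InstanceId": "i-0aaa1111", "PublicIpAddress": "203.0.113.10",
     "IamInstanceProfile": {"Arn": ADMIN_PROFILE}},
    {"InstanceId": "i-0bbb2222", "PublicIpAddress": "203.0.113.11",
     "IamInstanceProfile": {"Arn": READONLY_PROFILE}},
    {"InstanceId": "i-0ccc3333", "PublicIpAddress": None,
     "IamInstanceProfile": {"Arn": ADMIN_PROFILE}},
    {"InstanceId": "i-0ddd4444", "PublicIpAddress": "203.0.113.12"},
]
SAMPLE_PROFILE_POLICIES = {
    ADMIN_PROFILE: [S3_FULL_ACCESS],
    READONLY_PROFILE: [S3_READ_ONLY_ONE_BUCKET],
}

if __name__ == "__main__":
    print(find_public_instances_with_s3_admin(SAMPLE_INSTANCES, SAMPLE_PROFILE_POLICIES))
```

Only `i-0aaa1111` is reported: it is the one instance that is both publicly addressable and attached to a profile allowing `s3:*`. The private instance with the same profile and the public instance with the single-bucket read-only policy are not findings under this rule. In a real deployment the `instances` and `profile_policies` inputs would come from `describe-instances`, the instance profile's role, and its attached and inline policy documents.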