_____ _ ____ __ __ _____
| || | / || |__| |/ ___/
| __|| | | o || | | ( \_
| |_ | |___ | || | | |\__ |
| _] | || _ || ` ' |/ \ |
| | | || | | \ / \ |
|__| |_____||__|__| \_/\_/ \___|
flAWS - The End
It is common to give people and entities read-only permissions such as the SecurityAudit policy. The ability to read your own and other's IAM policies can really help an attacker figure out what exists in your environment and look for weaknesses and mistakes.
Avoiding this mistake
Don't hand out any permissions liberally, even permissions that only let you read meta-data or know what your permissions are.
Congratulations on completing the flAWS challenge!
Send me some feedback at firstname.lastname@example.org
Tweet and tell your friends about it if you learned something from it.
There is also now a flaws2.cloud! Check that out, and a reminder, if your company is interested in receiving AWS security training, please reach out to me at email@example.com.