SkyEye: When Your Vision Reaches Beyond IAM Boundary Scope in AWS Cloud
Minh Hoang Nguyen, Anh Minh Ho, Bao Son To

TL;DR
SkyEye is a novel framework that enhances IAM enumeration in AWS, providing comprehensive situational awareness beyond traditional boundaries to improve cloud security and compliance.
Contribution
The paper introduces SkyEye, a cooperative multi-principal IAM enumeration framework that overcomes authorization limitations to reveal complete IAM configurations in AWS.
Findings
Enables full IAM configuration mapping in AWS environments.
Identifies potential security misconfigurations and privilege escalations.
Supports compliance and security posture improvements.
Abstract
In recent years, cloud security has emerged as a primary concern for enterprises due to the increasing trend of migrating internal infrastructure and applications to cloud environments. This shift is driven by the desire to reduce the high costs and maintenance fees associated with traditional on-premise infrastructure. By leveraging cloud capacities such as high availability and scalability, companies can achieve greater operational efficiency and flexibility. However, this migration also introduces new security challenges. Ensuring the protection of sensitive data, maintaining compliance with regulatory requirements, and mitigating the risks of cyber threats are critical issues that must be addressed. Identity and Access Management (IAM) constitutes the critical security backbone of most cloud deployments, particularly within AWS environments. As organizations adopt AWS to scale…
