Bug fix: Adds the sts:TagSession permission to the Trust Relationship config for the role used to detonate aws.defense-evasion.organizations-leave. Without this permission, Stratus returns 403 Forbidden errors from AWS due to insufficient permissions. See issue below for more details
What does this PR do?
sts:TagSession
permission to the Trust Relationship config for the role used to detonateaws.defense-evasion.organizations-leave
. Without this permission, Stratus returns 403 Forbidden errors from AWS due to insufficient permissions. See issue below for more detailsMotivation
Issue raised here: https://github.com/DataDog/stratus-red-team/issues/462