ine-labs / AWSGoat

AWSGoat : A Damn Vulnerable AWS Infrastructure
MIT License

IAM Role Policy in Main.tf does not match solution for IAM Priv Escalation #15

Closed Johnathan-Vega closed 1 year ago

Johnathan-Vega commented 1 year ago

The main.tf file does not match the intention of the environment exercise. This is reflected in the solution documentation and video. Line 3455 on main.tf contains the following line:

"${aws_iam_role.blog_app_lambda.arn}"

This will input "blog_app_lambda" role into this policy. However, this will not allow you to escalate privileges in the way the solution documentation shows. Reference this image from the solutions documentation which clearly shows that this role arn should actually be for the "blog_app_lambda_data" role.

[image: screenshot from the solutions documentation]

In fact, the dev-ec2-lambda-policies only has 1 version created by the main.tf template, which means "--version-id v2" of the aws iam get-policy-version command will not work.

A simple change to line 3455 instead to:

"${aws_iam_role.blog_app_lambda_python.arn}"

would give the desired result of inputting "blog_app_lambda_role" to this policy. This would allow privilege escalation in the method shown as a solution. The version would still remain as v1 unless further edits are made to main.tf.
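The two checks the reporter did by hand, which policy versions actually exist and which role ARN a policy statement names, can be scripted against the JSON that `aws iam list-policy-versions` and `aws iam get-policy-version` return. The following is an added example, not code from AWSGoat or from this issue: the version listing, the policy document, the account id 123456789012 and the `iam:PassRole` action are all constructed to mirror the scenario described above (one version, v1, whose statement names the blog_app_lambda role), and it runs offline on that embedded data.

```python
"""Added example (not part of AWSGoat or the issue above).

Given the JSON returned by `aws iam list-policy-versions` and a policy
document as returned by `aws iam get-policy-version`, report which version
ids exist, fall back to the default version when a requested one is
missing, and list the IAM role ARNs an Allow statement grants access to.
"""
import json

# Constructed sample: what `aws iam list-policy-versions --policy-arn ...`
# returns for a policy that Terraform created with a single version.
LIST_POLICY_VERSIONS_OUTPUT = json.dumps({
    "Versions": [
        {"VersionId": "v1", "IsDefaultVersion": True,
         "CreateDate": "2023-01-01T00:00:00+00:00"}
    ]
})

# Constructed sample policy document (hypothetical account id and actions;
# the real policy's statements are not shown in the issue).
POLICY_DOCUMENT = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow",
         "Action": ["iam:PassRole"],
         "Resource": "arn:aws:iam::123456789012:role/blog_app_lambda"},
        {"Effect": "Allow",
         "Action": ["s3:GetObject"],
         "Resource": "arn:aws:s3:::example-bucket/*"},
    ],
}


def available_versions(list_output: str) -> list:
    """Return the version ids present in list-policy-versions output."""
    return [v["VersionId"] for v in json.loads(list_output)["Versions"]]


def select_version(list_output: str, requested: str) -> str:
    """Return `requested` if that version exists, else the default version.

    This is the pre-check that avoids the failure described in the issue:
    a walkthrough asks for v2, but Terraform only ever created v1.
    """
    versions = json.loads(list_output)["Versions"]
    if requested in {v["VersionId"] for v in versions}:
        return requested
    return next(v["VersionId"] for v in versions if v["IsDefaultVersion"])


def role_arns_in_policy(doc: dict) -> list:
    """Collect IAM role ARNs named as Resource in Allow statements."""
    arns = []
    for stmt in doc["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        resources = stmt.get("Resource", [])
        if isinstance(resources, str):
            resources = [resources]
        arns.extend(r for r in resources if ":role/" in r)
    return arns


def references_role(doc: dict, role_name: str) -> bool:
    """True if any Allow statement's Resource is the named IAM role."""
    return any(arn.endswith(":role/" + role_name)
               for arn in role_arns_in_policy(doc))


if __name__ == "__main__":
    print("versions:", available_versions(LIST_POLICY_VERSIONS_OUTPUT))
    print("v2 resolves to:", select_version(LIST_POLICY_VERSIONS_OUTPUT, "v2"))
    print("role ARNs:", role_arns_in_policy(POLICY_DOCUMENT))
    for name in ("blog_app_lambda", "blog_app_lambda_data"):
        print(name, "referenced:", references_role(POLICY_DOCUMENT, name))
```

Run against real output by piping `aws iam list-policy-versions --policy-arn <arn>` into `select_version` and the `PolicyVersion.Document` field of `aws iam get-policy-version` into `role_arns_in_policy`; the `:role/` substring match is a deliberate simplification and does not handle wildcard resources.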

SSKale1 commented 1 year ago

Thanks @Johnathan-Vega for bringing this to our notice, greatly appreciated.