There is/was a tool (Endgame) that made AWS API calls to open resources to world read/write access through the resource policies attached to those resources. Let's add a preset query that goes and searches the various cached resource policies and reports any users/roles that are able to open that resource to world read/write.
There is/was a tool (Endgame) that made AWS API calls to open resources to world read/write access through the resource policies attached to those resources. Let's add a preset query that goes and searches the various cached resource policies and reports any users/roles that are able to open that resource to world read/write.