|
|
|
|
|
|
by brentcetinich
1531 days ago
|
|
|
I wish you enumerated the identity’s Iam permissions or at least did a describe-db-clusters it would give good insights into the internal security of the Aws service roles , I would have thought such a role would be restricted to only be used via internal network leg of the RDS not over the internet. Now we will never know and have to take their word for it. Imagine if that role was able to describe all instances in the region, or dump a backup to a public bucket of every rds . Now that would be a sensationalistic headline ! |
|
|