Gerty Snowburrow

Well now, look who's venturing down into the caves!

And well, who might you be, exactly?

I'm Gerty Snowburrow, if you need to know.

And, not that I should be telling you, but I'm trying to figure out what Alabaster Snowball's done this time.

Word is, he committed some secrets to a code repo.

If you're feeling so inclined, you can try and find them for me.

After solving the "AWS CLI Intro" challenge (spoilers!):

Gerty Snowburrow

Say, you got it done, didn't you?

Well now, you might just be able to tackle the other AWS terminal down here.

It's a bit more involved, but you've got the credentials to get it started now.

Before you try it, you should know the difference between managed and inline policies.

Short version: inline policies apply to one identity (user, role, group), and managed policies can be attached to many identities.

There are different AWS CLI commands to interact with each kind.

Other than that, the important bit is to know a bit about cloud or IAM privilege escalation.

Sometimes attackers find access to more resources by just trying things until something works.

But if they have access to the iam service inside the AWS CLI, they might just be able to ask what access they have!

You can do it!
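
The two command families the hint refers to, as an added example that is not part of the game dialogue: read-only AWS CLI calls that list one user's inline policies (by name) and attached managed policies (by ARN, with a default version). The function names and the `IAM_USER` variable are assumptions made for this sketch.

```bash
#!/bin/sh
# Added example: read-only inventory of both policy kinds for one IAM user.
# Function names and the IAM_USER variable are assumptions for this sketch.

# Split the CLI's tab-separated text output into one value per line,
# dropping blanks and the literal "None" printed for an empty result.
one_per_line() {
  tr '\t' '\n' | sed -e '/^$/d' -e '/^None$/d'
}

# Inline policies live inside the user and are addressed by name.
inline_policy_names() {
  aws iam list-user-policies --user-name "$1" \
    --query 'PolicyNames[]' --output text | one_per_line
}

# Managed policies are standalone objects, attached by ARN.
managed_policy_arns() {
  aws iam list-attached-user-policies --user-name "$1" \
    --query 'AttachedPolicies[].PolicyArn' --output text | one_per_line
}

# Print a header line and the JSON document for every policy on the user.
policy_inventory() {
  user=$1
  for name in $(inline_policy_names "$user"); do
    echo "inline $name"
    aws iam get-user-policy --user-name "$user" --policy-name "$name" \
      --query 'PolicyDocument' --output json
  done
  for arn in $(managed_policy_arns "$user"); do
    # A managed policy is versioned; only the default version is in effect.
    ver=$(aws iam get-policy --policy-arn "$arn" \
      --query 'Policy.DefaultVersionId' --output text)
    echo "managed $arn $ver"
    aws iam get-policy-version --policy-arn "$arn" --version-id "$ver" \
      --query 'PolicyVersion.Document' --output json
  done
}

# Runs only when IAM_USER is set, e.g. IAM_USER=alice sh inventory.sh
if [ -n "${IAM_USER:-}" ]; then
  policy_inventory "$IAM_USER"
fi
```

Policies a user inherits through group membership are not covered here; they have their own list and get commands per group.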