Tags
Cloud
ATT&CK Tactic
Initial Access (TA0001)
Last edited
Jan 18, 2024 1:25 PM
Status
Stub
Attacker establishes persistence by creating an IAM Roles Anywhere trust anchor. The IAM Roles Anywhere service allows workloads that do not run in AWS to assume roles by presenting a client-side X.509 certificate signed by a trusted certificate authority, called a "trust anchor".