Cloud Threat Landscape
  • Incidents
  • Actors
  • Techniques
  • Defenses
  • Tools
  • Targeted Technologies
  • Posters & Newspapers
  • About
  • RSS
  • STIX
  • Back to wiz.io
Cloud Threat Landscape

IAM Policies

Type
Identity Mgmt.
D3FEND Tactic
Execution Isolation (D3-EI)Credential Hardening (D3-CH)
TL;DR

Controls user and machine access to resources within an organization.

Description

Identity and Access Management policies that define permissions and rules to control users' access to resources within an organization.

Techniques
Valid creds abuseAbuse access to existing KMS keyAbuse trust and privileges across accountsSSM-facilitated remote desktop connectionIAM privilege escalation

Made with 💙 by Wiz

Last Updated: April 3, 2025