# AWS - Privilege Escalation

{{#include ../../../banners/hacktricks-training.md}}

## AWS Privilege Escalation

The way to escalate your privileges in AWS is to have enough permissions to be able to, somehow, access other roles/users/groups privileges. Chaining escalations until you have admin access over the organization.

> [!WARNING]
> AWS has **hundreds** (if not thousands) of **permissions** that an entity can be granted. In this book you can find **all the permissions that I know** that you can abuse to **escalate privileges**, but if you **know some path** not mentioned here, **please share it**.

> [!CAUTION]
> If an IAM policy has `"Effect": "Allow"` and `"NotAction": "Someaction"` indicating a **resource**... that means that the **allowed principal** has **permission to do ANYTHING but that specified action**.\
> So remember that this is another way to **grant privileged permissions** to a principal.

**The pages of this section are ordered by AWS service. In there you will be able to find permissions that will allow you to escalate privileges.**

## Tools

- [https://github.com/RhinoSecurityLabs/Security-Research/blob/master/tools/aws-pentest-tools/aws_escalate.py](https://github.com/RhinoSecurityLabs/Security-Research/blob/master/tools/aws-pentest-tools/aws_escalate.py)
- [Pacu](https://github.com/RhinoSecurityLabs/pacu)

{{#include ../../../banners/hacktricks-training.md}}