IAM users & roles
Users
| User | ARN | Access key | MFA | Attached policies |
|---|---|---|---|---|
| devops | arn:aws:iam::549302118874:user/devops | AKIAFAKEDEVOPSONLY01 | off | AdministratorAccess |
| ci-runner | arn:aws:iam::549302118874:user/ci-runner | AKIAFAKECIRUNNERONLY | off | AdministratorAccess |
| data-export | arn:aws:iam::549302118874:user/data-export | AKIAFAKEDATAEXPORT01 | off | AmazonS3FullAccess AmazonRDSReadOnlyAccess |
| intern.summer2025 | arn:aws:iam::549302118874:user/intern.summer2025 | — | off | AdministratorAccess |
Roles
| Role | Trust principal | Attached policies |
|---|---|---|
| keensafe-ec2-app-role arn:aws:iam::549302118874:role/keensafe-ec2-app-role | {'AWS': '*'} | AdministratorAccess |
| keensafe-lambda-exec arn:aws:iam::549302118874:role/keensafe-lambda-exec | {'Service': 'lambda.amazonaws.com'} | AdministratorAccess |
| keensafe-eks-node arn:aws:iam::549302118874:role/keensafe-eks-node | {'Service': 'ec2.amazonaws.com'} | AmazonEKSWorkerNodePolicy AmazonEC2ContainerRegistryReadOnly AdministratorAccess |
Misconfigurations:
- `intern.summer2025` has `AdministratorAccess` and no MFA.
- `keensafe-ec2-app-role` trust policy permits `Principal: "AWS": "*"` — anyone with valid AWS creds can `sts:AssumeRole` it. Try `POST /iam/sts/assume-role`.
- The EKS node role attaches both least-priv EKS policies and AdministratorAccess.
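
An added example (not code from this page or the application it describes) that runs the three misconfiguration checks over the inventory in the tables above; the dict layout, finding labels and function names are assumptions made for illustration. The MFA rule also matches `devops` and `ci-runner`, whose rows show the same combination.

```python
ADMIN = "AdministratorAccess"

# Inventory copied from the tables on this page (the dict layout is an assumption).
USERS = [
    {"name": "devops", "mfa": False, "policies": [ADMIN]},
    {"name": "ci-runner", "mfa": False, "policies": [ADMIN]},
    {"name": "data-export", "mfa": False,
     "policies": ["AmazonS3FullAccess", "AmazonRDSReadOnlyAccess"]},
    {"name": "intern.summer2025", "mfa": False, "policies": [ADMIN]},
]
ROLES = [
    {"name": "keensafe-ec2-app-role", "principal": {"AWS": "*"}, "policies": [ADMIN]},
    {"name": "keensafe-lambda-exec", "principal": {"Service": "lambda.amazonaws.com"},
     "policies": [ADMIN]},
    {"name": "keensafe-eks-node", "principal": {"Service": "ec2.amazonaws.com"},
     "policies": ["AmazonEKSWorkerNodePolicy", "AmazonEC2ContainerRegistryReadOnly", ADMIN]},
]


def is_wildcard_principal(principal):
    """True if the trust principal admits any AWS identity ("*" or {"AWS": "*"})."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS", [])
        return "*" in ([aws] if isinstance(aws, str) else aws)
    return False


def audit(users, roles):
    """Return (entity, finding) pairs for the three misconfiguration classes."""
    findings = []
    for u in users:
        if ADMIN in u["policies"] and not u["mfa"]:
            findings.append((u["name"], "admin-without-mfa"))
    for r in roles:
        if is_wildcard_principal(r["principal"]):
            findings.append((r["name"], "wildcard-trust-principal"))
        if ADMIN in r["policies"] and len(r["policies"]) > 1:
            # With AdministratorAccess attached, the scoped policies limit nothing.
            findings.append((r["name"], "admin-alongside-scoped-policies"))
    return findings


if __name__ == "__main__":
    for entity, finding in audit(USERS, ROLES):
        print(f"{finding:34} {entity}")
```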