Brien walks through the process of creating an IAM role for the AWS Fault Injection Simulator in order to find out what happens when an EC2 spot instance is interrupted.

The vendor claimed to have been able to assume roles in AWS customer accounts that are trusted by Glue and query and modify AWS Glue service-related resources in a region. These included Glue jobs, ...

Naor Haziz’s discovery shows how a compromised container on EC2-backed ECS tasks can impersonate the ECS agent and steal IAM credentials from other tasks—without host access.