correct terminology: 'trust policy' instead of 'iam policy' to avoid …

…confusion
DataDog · Feb 9, 2024 · c8263f6 · c8263f6
1 parent f34d94e
commit c8263f6
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/v2/internal/attacktechniques/aws/persistence/iam-create-backdoor-role/main.go b/v2/internal/attacktechniques/aws/persistence/iam-create-backdoor-role/main.go
@@ -10,8 +10,8 @@ import (
 	"log"
 )
 
-//go:embed malicious_policy.json
-var maliciousIamPolicy string
+//go:embed malicious_trust_policy.json
+var maliciousTrustPolicy string
 
 var roleName string = "stratus-red-team-malicious-iam-role"
 var adminPolicyArn string = "arn:aws:iam::aws:policy/AdministratorAccess"
@@ -32,7 +32,7 @@ Detonation:
 - Create a new IAM role with the following trust policy:
 
 ` + codeBlock + `json
-` + maliciousIamPolicy + `
+` + maliciousTrustPolicy + `
 ` + codeBlock + `
 
 - Attach the 'AdministratorAccess' managed IAM policy to it. 
@@ -74,7 +74,7 @@ func detonate(_ map[string]string, providers stratus.CloudProviders) error {
 	log.Println("Creating a malicious IAM role")
 	input := &iam.CreateRoleInput{
 		RoleName:                 &roleName,
-		AssumeRolePolicyDocument: &maliciousIamPolicy,
+		AssumeRolePolicyDocument: &maliciousTrustPolicy,
 	}
 
 	_, err := iamClient.CreateRole(context.Background(), input)

diff --git a/...reate-backdoor-role/malicious_policy.json → ...backdoor-role/malicious_trust_policy.json b/...reate-backdoor-role/malicious_policy.json → ...backdoor-role/malicious_trust_policy.json