iam:PassRole + Glue Dev Endpoint Privilege Escalation

A Glue development endpoint runs as an IAM role and gives interactive (SSH/notebook) access. With iam:PassRole and glue:CreateDevEndpoint, an attacker creates a dev endpoint backed by a privileged role and then reads that role’s credentials from inside the endpoint.

Permissions an attacker needs

• iam:PassRole
• glue:CreateDevEndpoint
• glue:GetDevEndpoint

How the escalation works

• The attacker picks a privileged role they are allowed to pass.
• They create a Glue dev endpoint, passing that role and their own SSH public key.
• They connect to the endpoint and retrieve the role’s temporary credentials, then use them anywhere.

Example vulnerable policy

A policy like this grants the dangerous permission. Paste your own policy into the free AI-Powered IAM analyzer to see if you are exposed.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "iam:PassRole",
        "glue:CreateDevEndpoint",
        "glue:GetDevEndpoint"
      ],
      "Resource": "*"
    }
  ]
}

Example exploitation

For illustration only — run against accounts you own or are authorized to test.

aws glue create-dev-endpoint \
  --endpoint-name esc \
  --role-arn arn:aws:iam::123456789012:role/privileged-role \
  --public-key "ssh-rsa AAAA..."

How to detect and prevent it

• Scope iam:PassRole to specific roles and add iam:PassedToService = glue.amazonaws.com.
• Restrict glue:CreateDevEndpoint to the roles/teams that genuinely need interactive Glue access.
• Least-privilege Glue roles so an endpoint cannot reach beyond its data sources.

FAQ

Related escalation methods

• iam:PassRole + Lambda Privilege Escalation
• iam:PassRole + EC2 RunInstances Privilege Escalation
• iam:PassRole + CloudFormation Privilege Escalation

Amazon Web Services (AWS) is a trademark of Amazon.com, Inc. Shieldly is not affiliated with, endorsed by, or sponsored by Amazon Web Services.