How would you feel if an attacker could read your AWS resource tags? Turns out they can! We’ve found a way to enumerate various metadata from public resources and created a tool to help you test your environment. Daniel Grzelak February 7, 2024 2 min read Did your parents ever tell you the one about the security researcher and the AWS policy condition engine? No? Weird. It’s okay, I’ll tell it to you now.You see, when a security researcher (me) and the AWS policy engine love each other very very...