Tag
Adversaries with administrative access to an AWS account can create rogue SAML Identity Providers (IdPs) to establish persistent, federated access to AWS resources that survives credential rotation, enabling them to assume roles and access resources by forging SAML assertions from an IdP they control.