AWS - DataPipeline, CodePipeline & CodeCommit Enum

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!



AWS Data Pipeline is designed to facilitate the access, transformation, and efficient transfer of data at scale. It allows the following operations to be performed:

  1. Access Your Data Where It’s Stored: Data residing in various AWS services can be accessed seamlessly.

  2. Transform and Process at Scale: Large-scale data processing and transformation tasks are handled efficiently.

  3. Efficiently Transfer Results: The processed data can be efficiently transferred to multiple AWS services including:

    • Amazon S3

    • Amazon RDS

    • Amazon DynamoDB

    • Amazon EMR

In essence, AWS Data Pipeline streamlines the movement and processing of data between different AWS compute and storage services, as well as on-premises data sources, at specified intervals.


aws datapipeline list-pipelines
aws datapipeline describe-pipelines --pipeline-ids <ID>
aws datapipeline list-runs --pipeline-id <ID>
aws datapipeline get-pipeline-definition --pipeline-id <ID>


On the following page you can check how to abuse datapipeline permissions to escalate privileges:

AWS - Datapipeline Privesc


AWS CodePipeline is a fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates. CodePipeline automates the build, test, and deploy phases of your release process every time there is a code change, based on the release model you define.


aws codepipeline list-pipelines
aws codepipeline get-pipeline --name <pipeline_name>
aws codepipeline list-action-executions --pipeline-name <pl_name>
aws codepipeline list-pipeline-executions --pipeline-name <pl_name>
aws codepipeline list-webhooks
aws codepipeline get-pipeline-state --name <pipeline_name>


On the following page you can check how to abuse codepipeline permissions to escalate privileges:

AWS - Codepipeline Privesc


AWS CodeCommit is a version control service, hosted and fully managed by Amazon, that can be used to privately store data (documents, binary files, source code) and manage it in the cloud.

It eliminates the requirement for the user to know Git and manage their own source control system or worry about scaling their infrastructure up or down. CodeCommit supports all the standard functionality found in Git, which means it works effortlessly with the user's current Git-based tools.


# Repos
aws codecommit list-repositories
aws codecommit get-repository --repository-name <name>
aws codecommit get-repository-triggers --repository-name <name>
aws codecommit list-branches --repository-name <name>
aws codecommit list-pull-requests --repository-name <name>

# Approval rules
aws codecommit list-approval-rule-templates
aws codecommit get-approval-rule-template --approval-rule-template-name <name>
aws codecommit list-associated-approval-rule-templates-for-repository --repository-name <name>

# Get & Put files
## Get a file
aws codecommit get-file --repository-name backend-api --file-path <file-path>
## Put a file
aws codecommit get-branch --repository-name backend-api --branch-name master # Returns the branch tip commit ID to use as the parent commit
aws codecommit put-file --repository-name backend-api --branch-name master --file-content fileb://./<local-file> --file-path <file-path> --parent-commit-id <commit-id>

# SSH Keys & Clone repo
## Get codecommit keys
aws iam list-ssh-public-keys #User keys for CodeCommit
aws iam get-ssh-public-key --user-name <username> --ssh-public-key-id <id> --encoding SSH #Get public key with metadata
# The previous command will give you the fingerprint of the ssh key
# With the next command you can check the fingerprint of an ssh key and compare them
ssh-keygen -f .ssh/id_rsa -l -E md5

# Clone repo
git clone ssh://<SSH-KEY-ID>@git-codecommit.<REGION>.amazonaws.com/v1/repos/<repo-name>
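
For the defender's side of the commands on this page, the following added example (not part of the original page or of HackTricks' own code) flags principals that make many distinct read-only enumeration calls across these services within a short window of CloudTrail events. The 5-minute window, the threshold of 4, the helper names and the sample events are assumptions, and it assumes the trail records read-only management events.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Read-only API calls behind the CLI commands above, keyed by service prefix of
# the CloudTrail eventSource (list-runs omitted: no API operation of that name).
ENUM_CALLS = {
    "datapipeline": {"ListPipelines", "DescribePipelines", "GetPipelineDefinition"},
    "codepipeline": {"ListPipelines", "GetPipeline", "GetPipelineState", "ListWebhooks",
                     "ListActionExecutions", "ListPipelineExecutions"},
    "codecommit": {"ListRepositories", "GetRepository", "GetRepositoryTriggers",
                   "ListBranches", "ListPullRequests", "ListApprovalRuleTemplates"},
    "iam": {"ListSSHPublicKeys", "GetSSHPublicKey"},
}

def flag_enumeration(events, window=timedelta(minutes=5), min_distinct=4):
    """Principal ARN -> distinct enumeration calls made within one time window."""
    per_principal = defaultdict(list)
    for ev in events:
        service = ev["eventSource"].split(".")[0]  # "codecommit.amazonaws.com"
        if ev["eventName"] in ENUM_CALLS.get(service, ()):
            when = datetime.strptime(ev["eventTime"], "%Y-%m-%dT%H:%M:%SZ")
            arn = ev.get("userIdentity", {}).get("arn", "unknown")
            per_principal[arn].append((when, f"{service}:{ev['eventName']}"))
    flagged = {}
    for arn, calls in per_principal.items():
        calls.sort()
        for i, (start, _) in enumerate(calls):  # try a window opening at each call
            seen = {c for t, c in calls[i:] if t - start <= window}
            if len(seen) >= min_distinct:  # repeats of the same call do not count
                flagged[arn] = sorted(seen)
                break
    return flagged

def _ev(clock, service, name, arn):  # minimal constructed CloudTrail record
    return {"eventTime": f"2024-01-01T{clock}Z", "eventName": name,
            "eventSource": f"{service}.amazonaws.com", "userIdentity": {"arn": arn}}

# Constructed sample events, not real logs; account ID and users are placeholders.
A, B = ("arn:aws:iam::111111111111:user/" + n for n in ("dev-a", "ci-bot"))
SAMPLE = [_ev(*row) for row in [
    ("10:00:05", "codecommit", "ListRepositories", A),
    ("10:00:20", "codepipeline", "ListPipelines", A),
    ("10:00:41", "datapipeline", "ListPipelines", A),
    ("10:01:10", "iam", "ListSSHPublicKeys", A),
    ("10:01:30", "codepipeline", "ListWebhooks", A),
    ("10:00:00", "codepipeline", "GetPipelineState", B),
    ("10:02:00", "codepipeline", "GetPipeline", B),
    ("12:00:00", "codepipeline", "ListPipelines", B),
    ("14:00:00", "codepipeline", "ListWebhooks", B),
]]
```

With the sample data only `dev-a` is flagged: `ci-bot` also makes four distinct calls, but they are spread over hours rather than one window.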

