Links

AWS - Control Tower Enum

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:

Control Tower

In summary, Control Tower is a service that allows to define policies for all your accounts inside your org. So instead of managing each of the you can set policies from COntrol Tower that will be applied on them.
AWS Control Tower is a service provided by Amazon Web Services (AWS) that enables organizations to set up and govern a secure, compliant, multi-account environment in AWS.
AWS Control Tower provides a pre-defined set of best-practice blueprints that can be customized to meet specific organizational requirements. These blueprints include pre-configured AWS services and features, such as AWS Single Sign-On (SSO), AWS Config, AWS CloudTrail, and AWS Service Catalog.
With AWS Control Tower, administrators can quickly set up a multi-account environment that meets organizational requirements, such as security and compliance. The service provides a central dashboard to view and manage accounts and resources, and it also automates the provisioning of accounts, services, and policies.
In addition, AWS Control Tower provides guardrails, which are a set of pre-configured policies that ensure the environment remains compliant with organizational requirements. These policies can be customized to meet specific needs.
Overall, AWS Control Tower simplifies the process of setting up and managing a secure, compliant, multi-account environment in AWS, making it easier for organizations to focus on their core business objectives.

Enumeration

For enumerating controltower controls, you first need to have enumerated the org:
# Get controls applied in an account
aws controltower list-enabled-controls --target-identifier arn:aws:organizations::<acc_id>:ou/<ou-id>
Control Tower can also use Account factory to execute CloudFormation templates in accounts and run services (privesc, post-exploitation...) in those accounts

Post Exploitation & Persistence

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks: