From 110acc6fb7b1b92ff5dbb7378a737ac0263bb881 Mon Sep 17 00:00:00 2001
From: stefan <stefan@intheopen.org>
Date: Tue, 13 Feb 2024 00:04:26 +0100
Subject: [PATCH] added info

---
 Enumeration/AWS.md | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/Enumeration/AWS.md b/Enumeration/AWS.md
index 41cc806..1d40409 100644
--- a/Enumeration/AWS.md
+++ b/Enumeration/AWS.md
@@ -87,10 +87,10 @@ shared between people, everyone has full root access.
 
 Policies are an authorization measurement. After authentication of a user (or
 principal) policies of the account are checked if the request is allowed.
-A policy may also be attached to a resource. Policy evaluation can be found in the [AWS docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html).
+A policy may also be attached to a resource. Policy evaluation can be found in the [AWS docs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html). There are resource and identity based policies.
 
 ```sh
-aws iam get-policy
+aws iam get-policy --policy-arn <ARN>
 ```
 
  Policy details consists of the following [example](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html)
@@ -108,6 +108,14 @@ aws iam get-policy
 }
 ```
 
+Policy enforcement is done via the `Effect` keys and either has `allow` or `deny` keys set in the JSON object. Deny is default.
+
+The `Action` keyword contains a Service and an API keyword on on that service in the scheme `<servicename>:<APIKeyword>`.
+
+The Resource key contains the ARN of the resource the policy is set for.
+
+The `Principal` key is only set for resource policies and contains the principal  who is able to act on the resource. For example a `*` value allows public access.
+
 The following graph is taken from the documentation, it shows the evaluation
 logic inside an account
 
@@ -118,7 +126,7 @@ A principal can have multiple policies attached.
 Policies like `assume-role` and `switch-role` can lead to the gain of roles
 with higher permissions
 
-A `*`  inside a policy represents every principal. Set the `*` to make an instance of a service
+A `*` inside a policy represents every principal. Set the `*` to make an instance of a service
 public through the Internet.
 
 Administrator access policies can be queried to see who has elevated permissions.
@@ -336,6 +344,12 @@ Download via `curl`, `wget` or `s3` cli via
 aws s3 cp s3://<bucketname>/foo_public.xml . --no-sign-request
 ```
 
+#### S3 Policies
+
+```sh
+aws s3api get-bucket-policy --bucket <bucketname>--query Policy --output text
+```
+
 #### ACL
 
 If the ACL is set to