Attack paths are toxic combinations of risks in your environment. By chaining these risks together, an attacker may execute an exploit.
Some components of an attack path may include:
Publicly facing assets: an attacker may get initial access to your environment through publicly exposed VMs, containers, or serverless functions.
3rd party identities: Adversaries may attack external 3rd party entities to whom you have given privileges in your account.
Admin or highly privileged principals: A takeover of these IAM principals may lead to data access or account takeover.
Privilege escalations: Certain combinations of privileges (e.g. iam:PassRole and ec2:RunInstances) may allow an attacker to subtly escalate their privileges within your account. More details about privilege escalations can be found here.
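
One way to audit for the privilege combination named above, as an added example that is not from the original page or any product's own code: a Python check that flags principals whose combined IAM policies allow every action in a toxic pair. The principal names and policy documents are constructed, and the check ignores Resource and Condition scoping on Allow statements as well as NotAction, so it over-reports rather than under-reports.

```python
import fnmatch

# Toxic action pairs; the first is the one named in the text above.
TOXIC_COMBINATIONS = [("iam:PassRole", "ec2:RunInstances")]

def _as_list(value):
    """IAM JSON allows a single value wherever a list is valid."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def _matches(patterns, action):
    """IAM action names are case-insensitive and support * and ? wildcards."""
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)

def allowed(policies, action):
    """True if an Allow grants the action and no blanket Deny overrides it."""
    granted = False
    for policy in policies:
        for stmt in _as_list(policy.get("Statement")):
            if not _matches(_as_list(stmt.get("Action")), action):
                continue
            if stmt.get("Effect") == "Allow":
                granted = True  # assumption: Resource/Condition scoping ignored
            elif (stmt.get("Effect") == "Deny" and "Condition" not in stmt
                  and "*" in _as_list(stmt.get("Resource"))):
                return False  # unconditional explicit Deny always wins
    return granted

def find_toxic_combinations(principals):
    """Map principal name -> toxic pairs for which it holds every action."""
    findings = {}
    for name, policies in principals.items():
        hits = [pair for pair in TOXIC_COMBINATIONS
                if all(allowed(policies, a) for a in pair)]
        if hits:
            findings[name] = hits
    return findings

# Constructed sample data: principal names and policies are hypothetical.
SAMPLE_PRINCIPALS = {
    "ci-deployer": [
        {"Statement": [{"Effect": "Allow", "Action": ["ec2:Run*", "ec2:Describe*"], "Resource": "*"}]},
        {"Statement": {"Effect": "Allow", "Action": "iam:PassRole", "Resource": "*"}},
    ],
    "read-only": [{"Statement": [{"Effect": "Allow", "Action": "ec2:Describe*", "Resource": "*"}]}],
    "guarded-admin": [{"Statement": [
        {"Effect": "Allow", "Action": "*", "Resource": "*"},
        {"Effect": "Deny", "Action": "iam:PassRole", "Resource": "*"}]}],
}
```

Calling `find_toxic_combinations(SAMPLE_PRINCIPALS)` reports only `ci-deployer`: its two policies are individually unremarkable, and the pair is reached only when they are evaluated together.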