Create an Access Key on an IAM User
MITRE ATT&CK Tactics
- Privilege Escalation
Establishes persistence by creating an access key on an existing IAM user.
- Create an IAM user.
- Create an IAM access key on the user.
CreateAccessKey event. This event can hardly be considered suspicious by itself, unless
correlated with other indicators.