As September 2025 wraps up, we’re back with the latest roundup of newly released AWS privileged permissions, and once again the cloud attack surface keeps evolving. This month’s updates span critical services including AWS IoT, Glue, GuardDuty, Directory Service, Managed Service for Prometheus, and more, each introducing new ways to control access, modify encryption, or shift detection boundaries.
These changes open the door to risks such as exposing IoT data streams, cutting off access to key datasets, whitelisting malicious entities in threat detection tools, or even granting internet access to internal workloads. Collectively, they underscore how a single new privilege can redefine trust boundaries and create fresh avenues for impact or evasion. Read on to see what’s new and where security teams need to focus next.
Existing Services with New Privileged Permissions
AWS IoT Core
Service Type: Internet of Things (IoT)
Permission: iot:UpdateEncryptionConfiguration
- Action: Grants permission to update the encryption configuration for the account
- Mitre Tactic: Impact
- Why it’s privileged: Changes AWS IoT data encryption, potentially exposing sensitive device communications.
AWS Glue
Service Type: Data Transformation and ETL
Permission: glue:UpdateGlueIdentityCenterConfiguration
- Action: Grants permission to update the managed IdC application
- Mitre Tactic: Impact
- Why it’s privileged: Alters the access scope for Glue Identity Center, which can revoke existing read/write and query access across Amazon S3, Amazon Redshift, and AWS Lake Formation, potentially cutting off data access entirely.
Permission: glue:DeleteGlueIdentityCenterConfiguration
- Action: Grants permission to disconnect Glue from Identity Center
- Mitre Tactic: Impact
- Why it’s privileged: Deletes the Glue Identity Center configuration, which removes defined access scopes and immediately revokes all data access to Amazon S3, Amazon Redshift, and AWS Lake Formation.
Amazon EC2
Service Type: Compute Services
Permission: ec2:ModifyInstanceConnectEndpoint
- Action: Grants permission to modify an existing EC2 Instance Connect Endpoint
- Mitre Tactic: Lateral Movement
- Why it’s privileged: Changes Amazon EC2 Instance Connect endpoints, potentially rerouting or intercepting administrative access to instances.
Amazon GuardDuty
Service Type: Security and Compliance
Permission: guardduty:CreateTrustedEntitySet
- Action: Grants permission to create a TrustedEntitySet
- Mitre Tactic: Defense Evasion
- Why it’s privileged: Creates trusted entity sets, potentially allowing malicious entities to bypass threat detection.
Permission: guardduty:UpdateThreatEntitySet
- Action: Grants permission to update a ThreatEntitySet
- Mitre Tactic: Defense Evasion
- Why it’s privileged: Updates threat entity sets, which can remove known malicious principals and hide active threats.
Permission: guardduty:UpdateTrustedEntitySet
- Action: Grants permission to update a TrustedEntitySet
- Mitre Tactic: Defense Evasion
- Why it’s privileged: Updates trusted entity sets, which can add malicious principals and suppress security findings.
Permission: guardduty:DeleteThreatEntitySet
- Action: Grants permission to delete a ThreatEntitySet
- Mitre Tactic: Defense Evasion
- Why it’s privileged: Deletes threat entity sets, which can erase known malicious principals and disable related threat detection.
AWS Directory Service
Service Type: Identity and Access Management
Permission: ds:DisableCAEnrollmentPolicy
- Action: Grants permission to disable the CA enrollment policy of a specified directory
- Mitre Tactic: Impact
- Why it’s privileged: Disables CA enrollment policy, which can block certificate issuance and disrupt secure authentication.
AWS Managed Service for Prometheus
Service Type: Observability and Monitoring
Permission: aps:PutResourcePolicy
- Action: Grants permission to create and update workspace resource policy
- Mitre Tactic: Exfiltration
- Why it’s privileged: Sets resource policies, which can grant broad cross-account access to monitoring data.
Permission: aps:DeleteResourcePolicy
- Action: Grants permission to delete workspace resource policy
- Mitre Tactic: Defense Evasion
- Why it’s privileged: Deletes resource policies, which can remove access restrictions and expose monitoring data.
AWS Clean Rooms
Service Type: Data and Analytics
Permission: cleanrooms:CreateCollaborationChangeRequest
- Action: Grants permission to create a change request in a collaboration
- Mitre Tactic: Exfiltration
- Why it’s privileged: Creates change requests in collaborations, which can expand query and job permissions to exfiltrate additional data if auto-approved.
AWS User Notifications
Service Type: Messaging and Communication
Permission: notifications:DisassociateOrganizationalUnit
- Action: Grants permission to disassociate an Organizational Unit from a particular Notification Configuration
- Mitre Tactic: Defense Evasion
- Why it’s privileged: Disassociates an Organizational Unit from configurations, which can silence alerts for that unit and evade detection.
AWS Elastic Virtualization Service
Service Type: Compute Services
Permission: evs:AssociateEipToVlan
- Action: Grants permission to associate an Elastic IP address (EIP) with a public VLAN in an Amazon EVS environment
- Mitre Tactic: Lateral Movement
- Why it’s privileged: Associates an Elastic IP with a VLAN, enabling direct internet access for HCX appliances and workloads, which expands attack surface for lateral movement.
Amazon QuickSight
Service Type: Data and Analytics
Permission: quicksight:DeleteAccountCustomPermission
- Action: Grants permission to remove the custom permission associated with an account
- Mitre Tactic: Privilege Escalation
- Why it’s privileged: Deletes account-level custom permissions, which removes feature restrictions and can enable broader access for privilege escalation.
Permission: quicksight:UpdateAccountCustomPermission
- Action: Grants permission to update the custom permission associated with an account
- Mitre Tactic: Privilege Escalation
- Why it’s privileged: Updates account-level custom permissions, which can weaken account-wide restrictions on features and data access, enabling privilege escalation.
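As an added example (not code from the original post), here is a check a defender can run against IAM identity policy documents to see whether any of this month's new privileged actions are granted, including indirectly through wildcards such as guardduty:*. The action-to-tactic mapping is taken from the entries above; the sample policy is constructed for illustration, and NotAction and condition keys are not modelled.

```python
import fnmatch

# The permissions listed in this post, keyed to the MITRE tactic it assigns.
NEW_PRIVILEGED_ACTIONS = {
    "iot:UpdateEncryptionConfiguration": "Impact",
    "glue:UpdateGlueIdentityCenterConfiguration": "Impact",
    "glue:DeleteGlueIdentityCenterConfiguration": "Impact",
    "ec2:ModifyInstanceConnectEndpoint": "Lateral Movement",
    "guardduty:CreateTrustedEntitySet": "Defense Evasion",
    "guardduty:UpdateThreatEntitySet": "Defense Evasion",
    "guardduty:UpdateTrustedEntitySet": "Defense Evasion",
    "guardduty:DeleteThreatEntitySet": "Defense Evasion",
    "ds:DisableCAEnrollmentPolicy": "Impact",
    "aps:PutResourcePolicy": "Exfiltration",
    "aps:DeleteResourcePolicy": "Defense Evasion",
    "cleanrooms:CreateCollaborationChangeRequest": "Exfiltration",
    "notifications:DisassociateOrganizationalUnit": "Defense Evasion",
    "evs:AssociateEipToVlan": "Lateral Movement",
    "quicksight:DeleteAccountCustomPermission": "Privilege Escalation",
    "quicksight:UpdateAccountCustomPermission": "Privilege Escalation",
}

def _as_list(value):
    # IAM allows "Statement" and "Action" to be a single item or a list.
    return value if isinstance(value, list) else [value]

def _matches(pattern, action):
    # IAM action matching is case-insensitive and supports * and ? wildcards.
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())

def find_granted_privileged_actions(policy_document):
    # Returns {action: tactic} for each listed action the policy grants.
    # An explicit Deny wins over Allow; NotAction and conditions are ignored.
    allowed, denied = set(), set()
    for stmt in _as_list(policy_document.get("Statement", [])):
        target = allowed if stmt.get("Effect") == "Allow" else denied
        for pattern in _as_list(stmt.get("Action", [])):
            target.update(a for a in NEW_PRIVILEGED_ACTIONS if _matches(pattern, a))
    return {a: NEW_PRIVILEGED_ACTIONS[a] for a in sorted(allowed - denied)}

# Constructed sample policy: a service-wide GuardDuty wildcard plus a Deny on deletes.
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["guardduty:*", "aps:PutResourcePolicy", "s3:GetObject"], "Resource": "*"},
    {"Effect": "Deny", "Action": "guardduty:Delete*", "Resource": "*"},
]}

if __name__ == "__main__":
    for action, tactic in find_granted_privileged_actions(SAMPLE_POLICY).items():
        print(f"{action:48} {tactic}")
```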
New Region
Asia Pacific (New Zealand)
- API Name: ap-southeast-6
- Availability Zones: 3
Conclusion
As AWS continues to roll out new features across its expanding ecosystem, the security stakes of newly released privileges remain high. September’s additions, from changing IoT encryption and revoking Glue data access to suppressing GuardDuty detections and exposing HCX workloads to the internet, illustrate how each new privilege can rapidly reshape access boundaries, weaken defenses, or broaden the attack surface.
Sonrai Security’s Cloud Permissions Firewall equips teams with the visibility and control needed to keep pace with AWS’s constant evolution. By automatically detecting new privileged permissions, enforcing least privilege at scale, and delivering cloud-native Privileged Access Management purpose-built for AWS, Sonrai helps organizations respond to shifting risks before attackers can exploit them. In the cloud, new privileges emerge every month—staying secure means staying ahead.