Mazin Ahmed -- Terraform Security
The Application Security Podcast
00:00
Terraform
If you can get that state file, you can get passwords to all the things that have been built. And deployed on their cloud interstructure and potentially find a back door. If you don't figd wagder, you can even create it, because you would have an axcessan. You can create an anatmi u an, you admiiam user, and that would have admin access. Or you can append t yor a leg, or you can create a secondary key for another user. Unless someone is paying attention, you wouldn't be detecteso, which is awatd, you do?
Transcript
Play full episode
