AWS Pentesting
our servicesCreate an AWS Read-Only Access Token

During an AWS Penetration Test its common for the team to request an administrative read-only access token. This is used to review AWS assets and identify misconfigurations affecting them.
This may also be used for common pentesting tools such as ScoutSuite and our purpleleaf pentesting platform.
Below is a step-by-step guide to create these tokens:
1. Navigate to IAM
2. Click Users
3. Click Add User
4. Create a name and select ‘Access key’
5. Search ReadOnlyAccess
6. Create User
7. Copy Access Token and Secret
Congrats you’re done! Always remember to keep this token in a secure location and remove the user when no longer used.