Posts under this project (1)
Part 1: Overview of AWS CodeConnections (The Dangers Lurking within AWS CodeConnections)
AWS CodeConnections (formally called CodeStar Connections) is a feature in AWS which allows AWS resources such as AWS CodePipeline to connect to external code repositories. This is often...
4 December 2025 by Thomas Preece Read more...In this series of blog posts we’ll be taking an in-depth look at the security of AWS CodeConnections and their use in several different AWS Services. With CodeConnections becoming supported in more and more AWS services it is important for us to fully understand the risk we are opening up when we connect up our code repositories to AWS via the CodeConnections mechanism.
This series of blog posts aims to answer the question, can we significantly escalate our privileges via the source code provider permissions granted to AWS if we can compromise a single AWS account or single AWS service such as CodePipeline.