Initial Publication Date: 2022/01/13 13:00 PST
A security researcher recently reported an issue that allowed them to take actions as the AWS Glue service. Utilizing an AWS Glue feature, researchers obtained credentials specific to the service itself, and an AWS-internal misconfiguration permitted the researchers to use these credentials as the AWS Glue service. There is no way that this could have been used to affect customers who do not use the AWS Glue service.
No customer action is required.
AWS moved immediately to correct this issue when it was reported. Analysis of logs going back to the launch of the service have been conducted and we have conclusively determined that the only activity associated with this issue was between accounts owned by the researcher. No other customer’s accounts were impacted. All actions taken by AWS Glue in a customer’s account are logged in CloudTrail records controlled and viewable by customers.
We would like to thank Orca Security for reporting this issue.
Security-related questions or concerns can be brought to our attention via aws-security@amazon.com.