Live Demo: Get full visibility of your AWS environment with CloudQuery Sign up ❯

CloudQuery

Back to all blog posts
About
Jason worked as Head of Security Research and Solutions and before that was a Senior Software Engineer at CloudQuery. He specialised in application development and ensuring the scalability of our systems. He is able to break down complex technical projects into easily understood parts and has an in-depth understanding of AWS.
Security

AWS Identity Center (formerly known as AWS SSO): A Guide to Privilege Escalation and Identity and Access Management

AWS Identity Center is one way of managing access to AWS Accounts. With AWS Identity Center (previously SSO), there exists multiple pathways to privilege escalation. In this blog post, we cover Identity Center, research into the inner workings of cloud Identity and Access Management related to AWS Identity Center, how to secure AWS Identity Center, and detection with logging and monitoring.

Jason Kao

Jason Kao

AWS
Security

A Guide to Delegated Administrator in AWS Organizations and Multi-Account Management

A guide to managing multiple AWS Accounts using AWS Organizations and how to reduce blast radius by leveraging Delegated Administrator capabilities within AWS Organization to avoid usage of the management root account. This post covers security benefits of delegated administrator, IAM permissions and API actions related to delegation, resource-based delegation policies, and how to gain insight into the structure of the environment and accounts.

Jason Kao

Jason Kao


© 2025 CloudQuery, Inc. All rights reserved.

We use tracking cookies to understand how you use the product and help us improve it. Please accept cookies to help us improve. You can always opt out later via the link in the footer.