AWS EnableSerialConsoleAccess
Enables the EC2 Serial Console at the account level, allowing direct serial port access to instances for troubleshooting.
T1021: Remote Services
T1021: Remote Services
Adversaries may use Valid Accounts to log into a service that accepts remote connections, such as telnet, SSH, and VNC. The adversary may then perform actions as the logged-on user.
View on MITRE ATT&CK →Azure Microsoft.Compute/virtualMachines/runCommand/action
Executes a script or command on an Azure VM without requiring network-based access such as SSH or RDP.
Azure Microsoft.ContainerService/managedClusters/runCommand/action
Executes a command against an AKS cluster's Kubernetes API without requiring direct network connectivity to the API server.
Azure Microsoft.SerialConsole/serialPorts/connect/action
Connects to the serial console of an Azure VM, providing low-level access without requiring network connectivity.
AWS ResumeSession
Resumes a previously disconnected Systems Manager Session Manager session with a managed instance.
AWS StartSession
Starts an interactive Systems Manager Session Manager session with a managed EC2 instance or on-premises server.