AWS CreateOpenIDConnectProvider
Registers an OIDC identity provider with IAM, enabling federated access from external identity systems like GitHub Actions.
T1556: Modify Authentication Process
T1556: Modify Authentication Process
Adversaries may modify authentication mechanisms and processes to access user credentials or enable otherwise unwarranted access to accounts. The authentication process is handled by mechanisms, such as the Local Security Authentication Server (LSASS) process and the Security Accounts Manager (SA...
View on MITRE ATT&CK →AWS CreateSAMLProvider
Registers a SAML 2.0 identity provider metadata document with IAM, enabling federated authentication via SAML.
Azure Disable Strong Authentication
Disables multi-factor authentication for a user account, weakening authentication security.
Azure Update Conditional Access Policy
Modifies an existing Conditional Access policy, changing the conditions or controls that govern how users authenticate.
Azure Update named location
Updates a named location definition (IP ranges or countries) used in Entra ID Conditional Access policy conditions.