After extracting temporary credentials from an EC2 instance's metadata service via SSRF, you configure an AWS CLI profile with the recovered keys. Before attempting any resource-specific enumeration, which single AWS CLI command is most appropriate to run first to verify the credentials are valid and to learn the AWS account and principal you are operating as?
Running "aws sts get-caller-identity" contacts the AWS Security Token Service and returns the account ID, the ARN of the user or role, and the user ID associated with the supplied credentials. This quickly confirms that the keys were entered correctly, are active, and reveals the exact identity and account context you now possess. The other commands interact with individual services and may fail if the credentials lack the required permissions; even if they succeed, they do not reliably tell you which principal the keys belong to. Therefore, using STS to get the caller's identity is the safest first validation and enumeration step.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the AWS Security Token Service (STS)?
Open an interactive chat with Bash
Why use 'aws sts get-caller-identity' before other commands?
Open an interactive chat with Bash
What does the ARN provided by 'aws sts get-caller-identity' represent?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Cloud Computing
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .