Exploitation

Local Privilege Escalation: User Data
Escalate privileges on an EC2 instance by modifying the user-data scripts with modify-instance-attribute.
Local Privilege Escalation: User Data 2
Escalate privileges on an EC2 instance by modifying scripts and packages called by user data.
Simple Route53/Cloudfront/s3 subdomain takeover
Techniques for taking over subdomains or hostnames that use Cloudfront and/or a DNS record to serve content from Amazone S3
Steal EC2 Metadata Credentials via SSRF
Old faithful; How to steal IAM Role credentials via the EC2 Metadata service via SSRF.
Steal IAM Credentials and Event Data from Lambda
Leverage file read and SSRF vulnerabilities to steam IAM credentials and event data from Lambda.