Practitioners have documented techniques for gaining access through Server-Side Request Forgery (SSRF) vulnerabilities that exploit management APIs within cloud providers. However, unauthorized access to management APIs can enable threat actors to compromise the security of large amounts of sensitive data very quickly. Cloud infrastructure offers significant benefits to organizations capable of leveraging rich application programming interfaces (APIs) to automate environments at scale.
