 _____  _       ____  __    __  _____
|     || |     /    ||  |__|  |/ ___/
|   __|| |    |  o  ||  |  |  (   \_ 
|  |_  | |___ |     ||  |  |  |\__  |
|   _] |     ||  _  ||  `  '  |/  \ |
|  |   |     ||  |  | \      / \    |
|__|   |_____||__|__|  \_/\_/   \___|

Level 6: Hint 1

The SecurityAudit group can get a high level overview of the resources in an AWS account, but it's also useful for looking at IAM policies. First, find out who you are (assuming you named your profile "level6"):

aws --profile level6 iam get-user

Now that you know your username is Level6 you can find out what policies are attached to it:

aws --profile level6 iam list-attached-user-policies --user-name Level6

Now you know that you have two policies attached:

"SecurityAudit": This is an AWS policies you can look up either in your console or here
"list_apigateways": This is a custom one I made. I bet it'll be useful for this challenge, so we should try to figure out what it is.

Once you know the ARN for the policy you can get it's version id:

aws --profile level6 iam get-policy  --policy-arn arn:aws:iam::975426262029:policy/list_apigateways

Now that you have the ARN and the version id, you can see what the actual policy is:

 aws --profile level6 iam get-policy-version  --policy-arn arn:aws:iam::975426262029:policy/list_apigateways --version-id v4

This tells us using this policy we can call "apigateway:GET" on "arn:aws:apigateway:us-west-2::/restapis/*"

Using this, it should lead you in the direction of where the hidden resource is.

Need another hint? Go to Hint 2