From AWS Docs:
AssumeRoleReturns a set of temporary security credentials that you can use to access AWS resources that you might not normally have access to. These temporary credentials consist of an access key ID, a secret access key, and a security token. Typically, you use
References
https://rhinosecuritylabs.com/aws/assume-worst-aws-assume-role-enumeration/
https://rhinosecuritylabs.com/aws/aws-iam-user-enumeration/
AssumeRoleReturns a set of temporary security credentials that you can use to access AWS resources that you might not normally have access to. These temporary credentials consist of an access key ID, a secret access key, and a security token. Typically, you use AssumeRole within your account or for cross-account access.
This can be abused to enumerate cross account IAM roles and then possibly assume access given the attacker knows the AWS Account ID of the victim.
RhinoLabs has created a script for enumeration which can be found on their website from the link in the references[I have not tested the script].
Referenceshttps://rhinosecuritylabs.com/aws/assume-worst-aws-assume-role-enumeration/
https://rhinosecuritylabs.com/aws/aws-iam-user-enumeration/
