Lists the Amazon-owned interface endpoint services that do not support endpoint policies in the specified Region:

  aws ec2 describe-vpc-endpoint-services \
    --filters Name=service-type,Values=Interface Name=owner,Values=amazon \
    --region us-east-1 \
    --query 'ServiceDetails[?VpcEndpointPolicySupported==`false`].ServiceName'

This can be used to backdoor data exfiltration via a service included in this list, with an existing endpoint policy for the corresponding service.
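To check an account against this list, the sketch below (an added example, not part of the original note) joins the output of the command above with `aws ec2 describe-vpc-endpoints` and flags interface endpoints that no endpoint policy can restrict. It goes one step further and also flags endpoints still on the default full-access policy; the JSON, service names and endpoint IDs are constructed placeholders.

```python
import json
# Constructed sample input, shaped like `aws ec2 describe-vpc-endpoint-services`
# and `aws ec2 describe-vpc-endpoints` output. All names and IDs are placeholders.
SVC_A = "com.amazonaws.us-east-1.example-a"   # hypothetical: supports endpoint policies
SVC_B = "com.amazonaws.us-east-1.example-b"   # hypothetical: does not
SERVICES = {"ServiceDetails": [
    {"ServiceName": SVC_A, "VpcEndpointPolicySupported": True},
    {"ServiceName": SVC_B, "VpcEndpointPolicySupported": False},
]}
FULL = json.dumps({"Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "*", "Resource": "*"}]})
SCOPED = json.dumps({"Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "*", "Resource": "*",
     "Condition": {"StringEquals": {"aws:PrincipalOrgID": "o-EXAMPLE"}}}]})
ENDPOINTS = {"VpcEndpoints": [
    {"VpcEndpointId": "vpce-0aaa", "VpcEndpointType": "Interface", "ServiceName": SVC_A, "PolicyDocument": SCOPED},
    {"VpcEndpointId": "vpce-0bbb", "VpcEndpointType": "Interface", "ServiceName": SVC_B},
    {"VpcEndpointId": "vpce-0ccc", "VpcEndpointType": "Interface", "ServiceName": SVC_A, "PolicyDocument": FULL},
    {"VpcEndpointId": "vpce-0ddd", "VpcEndpointType": "Gateway", "ServiceName": SVC_A, "PolicyDocument": FULL},
]}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def is_full_access(policy_json):
    """True when a statement allows any principal every action on every resource, unconditionally."""
    if not policy_json:
        return True  # no document attached: nothing restricts the endpoint
    for st in _as_list(json.loads(policy_json).get("Statement", [])):
        if (st.get("Effect") == "Allow" and not st.get("Condition")
                and st.get("Principal") in ("*", {"AWS": "*"})
                and "*" in _as_list(st.get("Action"))
                and "*" in _as_list(st.get("Resource"))):
            return True
    return False

def audit(services, endpoints):
    """Return (endpoint id, service, finding) for interface endpoints without an effective policy."""
    supported = {s["ServiceName"]: s["VpcEndpointPolicySupported"] for s in services["ServiceDetails"]}
    findings = []
    for ep in endpoints["VpcEndpoints"]:
        name = ep["ServiceName"]
        if ep.get("VpcEndpointType") != "Interface" or name not in supported:
            continue  # same scope as the CLI filter: interface services in the listing
        if not supported[name]:
            findings.append((ep["VpcEndpointId"], name, "policy-unsupported"))
        elif is_full_access(ep.get("PolicyDocument")):
            findings.append((ep["VpcEndpointId"], name, "default-full-access"))
    return findings

if __name__ == "__main__": print(audit(SERVICES, ENDPOINTS))
```

For a `policy-unsupported` finding the remaining controls are the security groups on the endpoint's network interfaces and conditions in IAM or SCP policies, since no endpoint policy can be attached.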

SSM venom

https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-agent-technical-details.html#credentials-file

In Development.