aws
85 articles tagged with #aws
AWS Security Hub Alternatives for Multi-Cloud Visibility
AWS Security Hub locks you into a single cloud. Here are the best alternatives for teams that need multi-cloud security posture management with clearer pricing.
EBS Encryption: AWS Block Storage Encryption at Rest
EBS encryption protects data at rest on AWS Elastic Block Store volumes using KMS keys. Unencrypted volumes are a common compliance finding in cloud security scans.
IMDSv2: AWS Instance Metadata Service Version 2 Explained
IMDSv2 is AWS's security improvement to the Instance Metadata Service, requiring session tokens to prevent SSRF-based credential theft attacks.
Security Groups: Virtual Firewalls for Cloud Resources
Cloud security groups are virtual firewalls controlling inbound and outbound traffic to resources. Common misconfigurations like 0.0.0.0/0 on SSH are a leading breach vector.
Shared Responsibility Model: Who Secures What in the Cloud
The shared responsibility model defines the security boundary between cloud providers (security OF the cloud) and customers (security IN the cloud) — and why CSPM exists in this gap.
What is Cloud Misconfiguration?
Cloud misconfigurations are incorrect or insecure settings in cloud resources — the #1 cause of cloud data breaches.
A guide to protect against the 8KB WAF limitation in Google Cloud Armor
Google Cloud Armor has a documented limitation related to the maximum size of an HTTP POST request body the service is able to inspect and block. Attackers can use this limitation to bypass the protection provided by Cloud Armor and potentially exploit vulnerabilities that may be present in an underlying web application. This article will take you through how Cloud Armor rules can be configured to appropriately mitigate the risk due to the limitation.
How to disable Internet wide access to the S3 bucket in AWS
We will go through the steps to enable Block public access for an S3 bucket in AWS.
How to disable Internet wide access to the S3 bucket using AWS CLI
We will go through the steps to enable Block public access for an S3 bucket in AWS.
How to delete an IAM Role using AWS CLI
IAM Roles should be removed if they are no longer being used as a security best practice. This article provides a walkthrough of how to delete an IAM Role using AWS CLI.
How to delete an IAM Role in AWS
IAM Roles should be removed if they are no longer being used as a security best practice. This article provides a walkthrough of how to delete an IAM Role in AWS.
How to remove an IAM User in AWS
Having unused IAM users extends the attack surface. As a security best practice, users should be removed if they are no longer being used. This article provides a walkthrough of how to remove an IAM User in AWS.
How to remove an IAM User using AWS CLI
Having unused IAM users extends the attack surface. As a security best practice, users should be removed if they are no longer being used. This article provides a walkthrough of how to remove an IAM User using AWS CLI.
How to create an IAM Admin user in AWS
It is recommended to have a separate Admin user for managing an AWS account, while the root user should be used only for super administrative tasks like managing billing etc. This article provides a step by step guide on how to create an IAM Admin user in AWS.
How to create an IAM Admin user using AWS CLI
It is recommended to have a separate Admin user for managing an AWS account, while the root user should be used only for super administrative tasks like managing billing etc. This article provides a step by step guide on how to create an IAM Admin user using AWS CLI.
How to remove the Access key of a user in AWS
IAM user Access keys that are not being used should be removed. This article provides a step by step walkthrough of how to remove the Access key of an IAM user in AWS.
How to remove the Access key of a user using AWS CLI
IAM user Access keys that are not being used should be removed. This article provides a step by step walkthrough of how to remove the Access key of an IAM user using AWS CLI.
How to rotate the Access key of a user in AWS
Access keys are long-term credentials for an AWS user. One of the best ways to protect your account is to ensure access keys are rotated periodically. This article provides a walkthrough of how to rotate Access keys for an IAM user in AWS.
How to rotate the Access key of a user using AWS CLI
Access keys are long-term credentials for an AWS user. One of the best ways to protect your account is to ensure access keys are rotated periodically. This article provides a walkthrough of how to rotate Access keys for an IAM user using AWS CLI.
How to deactivate the Access key of a user in AWS
Access keys for IAM users should be created only if there is a requirement and disabled or deleted afterwards if there won't be any further usage. In this article we take a look at how to deactivate Access keys for an IAM user in AWS.
How to deactivate the Access key of a user using AWS CLI
Access keys for IAM users should be created only if there is a requirement and disabled or deleted afterwards if there won't be any further usage. In this article we take a look at how to deactivate Access keys for an IAM user using AWS CLI.
How to change the password of an IAM User in AWS
Changing passwords periodically is considered to be a security best practice. This article provides a walkthrough of how you can change password for an IAM user in AWS.
How to change the password of an IAM User using AWS CLI
Changing passwords periodically is considered to be a security best practice. This article provides a step by step guide to change password for an IAM user using AWS CLI.
How to enable MFA Delete on S3 bucket
We will go through the steps to enable MFA so that bucket deletion requires an additional layer of security in the form of multi factor authentication.
How to enforce SSL/TLS for S3 requests using AWS
We will go through the steps to enforce SSL/TLS so that bucket policy prevents the contents of the bucket from being served over plaintext HTTP.
How to enforce SSL/TLS for S3 requests using AWS CLI
We will go through the steps to enforce SSL/TLS so that bucket policy prevents the contents of the bucket from being served over plaintext HTTP.
How to conduct assessment with aws-foundations-cis-baseline tool
This post covers the scan report assessment and how to interpret the results.
How to set up aws-foundations-cis-baseline tool for conducting CIS assessment
This post covers an introduction and instructions to set up the aws-foundations-cis-baseline tool for learning.
How to enable DNSSEC Signing in AWS Route53
Enabling DNSSEC signing increases trust between the user and the target AWS account ensuring that the integrity of the DNS record has not been tampered with and users are receiving information from the correct source. This article provides a step by step guide to enable DNSSEC signing in AWS Route53.
How to enable DNSSEC Signing in Route53 using AWS CLI
Enabling DNSSEC signing increases trust between the user and the target AWS account ensuring that the integrity of the DNS record has not been tampered with and users are receiving information from the correct source. This article provides a step by step guide to enable DNSSEC signing in Route53 using AWS CLI.
How to enable logging for elastic load balancer using AWS CLI
Logging requests to ELB endpoints is a helpful way of detecting and investigating potential attacks, malicious activity, or misuse of backend resources. Logs can be sent to S3 and processed for further analysis.
How to update AWS ELB HTTP Desync mitigation mode using AWS CLI
An AWS ELB with HTTP Desync mitigation mode set to **monitor** could allow a class of HTTP desynchronization attacks against the web server behind the Load Balancer. This article provides a step by step guide on how you can check and update the HTTP Desync mitigation mode for your ELB to a more secure option using AWS CLI.
How to update AWS ELB HTTP Desync mitigation mode
An AWS ELB with HTTP Desync mitigation mode set to **monitor** could allow a class of HTTP desynchronization attacks against the web server behind the Load Balancer. This article provides a step by step guide on how you can check and update the HTTP Desync mitigation mode for your ELB to a more secure option.
How to enable MFA for an IAM User using AWS CLI
AWS IAM provides multi factor authentication capabilities to its users which provides an additional layer of security. This article provides a step by step guide on how to enable multi factor authentication for users using AWS CLI.
How to enable logging for elastic load balancer
Logging requests to ELB endpoints is a helpful way of detecting and investigating potential attacks, malicious activity, or misuse of backend resources. Logs can be sent to S3 and processed for further analysis.
How to enable MFA for an IAM User in AWS
AWS IAM provides multi factor authentication capabilities to its users which provides an additional layer of security. This article provides a step by step guide on how to enable multi factor authentication for users in AWS.
How to setup AWS CLI on Linux
This academy article provides hands-on guidance on how to set up AWS CLI on Linux. Follow the steps in this article to set up AWS CLI.
How to enable public access block to restrict access in S3 using AWS CLI
This article shows how to enable the Block public access setting for S3 buckets.
How to enable public access block to restrict access in S3
This article shows how to enable the Block public access setting for S3 buckets.
How to update IAM password policy to require minimum password length of 14 or greater using AWS CLI
IAM password policies can be used to enforce minimum password length to ensure password complexity. This article provides the step by step guide on how you can update your IAM password policy using AWS CLI.
How to update IAM password policy to require minimum password length of 14 or greater
IAM password policies can be used to enforce minimum password length to ensure password complexity. This article provides the step by step guide on how you can update your IAM password policy in AWS.
Using Prowler for AWS assessment against CIS Foundations benchmark - Part 2 Conducting assessment
Prowler is an Open Source security tool used for AWS security best practices assessments, incident response, audits, continuous monitoring, hardening, and forensics readiness.
Using Prowler for AWS assessment against CIS Foundations benchmark - Part 1 Introduction and setup
Prowler is an Open Source security tool used for AWS security best practices assessments, incident response, audits, continuous monitoring, hardening, and forensics readiness. This post covers an introduction and instructions to set up the tool for learning.
5 Different ways to authenticate with AWS
AWS supports multiple ways of authenticating users based on their context. This article shows various ways of authenticating to AWS using credentials, tokens, SSO and others.
How to update a user owned public EBS Snapshot to private using AWS CLI
User owned public EBS snapshots are accessible to any AWS user. If you have created a public EBS snapshot that may contain sensitive or private information and would like to change it to a private snapshot using AWS CLI, follow this step-by-step guide.
How to update a user owned public EBS Snapshot to private
User owned public EBS snapshots are accessible to any AWS user. If you have created a public EBS snapshot that may contain sensitive or private information and would like to change it to a private snapshot, follow this step-by-step guide.
How to encrypt EBS Snapshot in AWS
Encrypting EBS snapshots adds a layer of security and also helps in meeting compliance requirements. This article provides a walkthrough of how to encrypt an EBS snapshot in AWS.
How to encrypt EBS Snapshot using AWS CLI
Encrypting EBS snapshots adds a layer of security and also helps in meeting compliance requirements. This article provides a walkthrough of how to encrypt an EBS snapshot in AWS.
Allowing non AWS workloads to access AWS services using AWS IAM Roles Anywhere
AWS IAM Roles Anywhere is a feature that allows non AWS workloads (servers, containers, apps etc.) to obtain temporary security credentials in IAM. These workloads can use the same IAM policies and IAM roles that AWS compute resources use with AWS applications to access AWS cloud.
How to update IMDSv1 to more secure IMDSv2 on AWS
Having IMDSv1 enabled on your instances allows attackers to use vulnerabilities like SSRF to gain access to sensitive information of your instances. In this article we will walk through the steps to update an EC2 instance from IMDSv1 to IMDSv2 using AWS CLI.
How to Enable MFA for AWS Root User (Console + CLI)
Step-by-step guide to enabling multi-factor authentication on your AWS root account. Covers virtual MFA device setup, hardware keys, and why root MFA is the
How to remove AWS Root user access keys
Having an access key for the Root user poses the risk of being misused or stolen, since this user has unrestricted access in the account. If your Root user also has access keys that you would like to remove, here is a step-by-step guide to do so.
Restricting access to Elasticsearch/Opensearch service
Elasticsearch/OpenSearch domains that are not required to be openly accessible should be created without a public endpoint to prevent arbitrary public access to the domain.
How to enable Prevent Password Reuse policy in AWS
Prevent password reuse policy can be easily enabled in AWS. This helps in preventing users from reusing their old passwords after expiry or when password change operations are performed. This article provides a step by step walkthrough of how you can enable Prevent Password Reuse policy on AWS, both in video and text for your preferred medium of learning.
Migrating an unencrypted RDS database to an encrypted one
Encrypting data at rest is a security best practice. RDS instances must also be encrypted. If you have an existing unencrypted RDS instance, this article will guide you on how you can migrate it to an encrypted one.
How to restrict access to your publicly accessible RDS Instance
Exposing AWS RDS database instances to the internet is generally a bad security practice since it contains data meant to be consumed by specific instances only. If that is the case for you as well, follow this article to see how you can restrict access to your RDS Instances.
Restricting access to your RDS snapshots
Public AWS RDS database snapshots are accessible to any AWS user. If you have created a public RDS snapshot that may contain sensitive or private information and would like to change it to a private snapshot, follow this step-by-step guide.
How to Encrypt AWS EBS Volume
EBS volumes are not encrypted by default. Encrypting these adds a layer of security to the data stored on it.
How to update AWS AMI permission from Public to Private
A cloud administrator can create an instance with all tools and software installed and then make an image out of this to be reused in the future. This image could contain proprietary data and code etc. that could be abused by an attacker if they gain access to the AMI.
How to secure AWS S3 buckets with sensitive data
A lot of users, organizations and even nation states and governments utilize the versatility of Amazon’s S3 service. Any data that is stored on S3 needs to maintain the basic tenets of security, which include encryption of data at rest, in motion, authorization to access the data and assurance that actions performed on the data are auditable. In this article, we will take a look at how we can use the features provided by S3 to ensure our data is secure on the cloud.
An introduction to Service Control Policies (SCPs) in AWS
This article gives an introduction to Service Control Policies (SCPs) in AWS.
Getting started with AWS ELB - Network Load Balancer
This article is a quick introduction to network load balancing and how to create a Network Load Balancer on AWS.
Getting started with AWS ELB - Application Load Balancer
Elastic Load Balancing (ELB) automatically distributes incoming application traffic across multiple targets and virtual appliances in one or more Availability Zones (AZs). In this article we will take a look at how to create an Application Load Balancer on AWS.
How to transfer files between AWS S3 and AWS EC2
A simple and quick walkthrough of how you can transfer files between AWS EC2 and AWS S3.
Configuring AWS Load Balancers to protect against HTTP Desync attacks
HTTP Desync attacks are a category of attacks on a system of proxies and load balancers when multiple devices in the chain parse parts of the HTTP request differently, resulting in tampering of legitimate HTTP sessions and bypassing application level security. AWS offers protection against these attacks in their Load Balancer service that prevents exploitation.
How to set up EFS and use with multiple instances in different VPCs
This academy article provides hands-on guidance on how you can set up an AWS EFS and use it with instances in different VPCs.
Create, attach, and detach EBS volumes
This academy article provides hands-on guidance on how you can create, attach, and detach EBS volumes to your EC2 instances on AWS.
How to set up an S3 bucket on AWS
This academy article provides hands-on guidance on creating an S3 bucket on AWS. Follow the steps in this article to set up your new S3 bucket.
AWS EBS vs S3 vs EFS: Differences & Use Cases
EBS, S3, and EFS are three popular storage services provided by AWS. In this article, we take a look at each of these services and their use cases.
Tools for Scanning IPv6 networks
IPv6 networking is increasingly being adopted by businesses and organisations around the world. Though there are many popular scanners for IPv4, here’s a list that covers some of the tools that can be used to scan IPv6 networks.
Security measures against SSRF attacks for AWS EC2 instances
In this article you will learn about some preemptive security measures that can be implemented for AWS EC2 instances against SSRF attacks.
5 Things to Consider When Using AWS Elastic IP Addresses
Learn the key considerations and best practices for using AWS Elastic IP addresses effectively.
Fixing the default insecure network connection option for RDS instances
The AWS RDS service, by default, does not enable transport layer security, allowing clients to connect insecurely if they want to. This article shows how SREs, DevOps, and RDS administrators can lower the risk that this default configuration poses.
How to securely configure an AWS EC2 instance
AWS EC2 is one of the most popular and widely used services from AWS. With a variety of options available to tailor the EC2 instances as per one’s requirements, it also poses a risk of introducing security gaps in the form of misconfigurations or insecure defaults. In this article we discuss some of the ways that can help configure our EC2 instances securely.
A detailed guide on protecting against the 8KB AWS WAF limitation
Google Cloud Armor has a documented limitation related to the maximum size of an HTTP POST request body the service is able to inspect and block. Attackers can use this limitation to bypass the protection provided by Cloud Armor and potentially exploit vulnerabilities that may be present in an underlying web application. This article will take you through how Cloud Armor rules can be configured to appropriately mitigate the risk due to the limitation.
What is Multi-Factor Authentication in AWS?
A detailed article that describes what Multi-Factor Authentication systems are, how they increase the security of the system they protect and what it means in the context of the AWS cloud.
How to perform an IAM Security Audit in AWS
A step by step guide to show how a security audit of AWS IAM can be performed to identify user attributes like unrotated keys, IAM password policies, access and much more.
AWS S3 Default Server Side Encryption - Detection and Support
An in-depth analysis of AWS's new default server-side encryption for S3, including how to detect encryption status, what the changes mean for users, and recommended best practices for ensuring proper encryption.
How to perform a EC2 Vulnerability using Amazon Inspector
A guide on how to perform an EC2 Vulnerability Scan using Amazon Inspector with the console and the CLI.
How to get all public IP addresses in your AWS account
Knowing all public IP addresses across different services within AWS is a good way to get started with understanding what the attack footprint of an organisation looks like. This article describes fetching this information using both the web console and the CLI.
Getting started with AWS CloudTrail to monitor for security-sensitive APIs
CloudTrail is a service offered by AWS to monitor and record all actions taken within an AWS account. This article describes how you can get started with AWS CloudTrail to monitor for security sensitive APIs.
How to find vulnerable log4j instances across your AWS EC2 instances
A guide to help you discover vulnerable Log4j packages across multiple Linux machines using scripting and the AWS SSM to run commands remotely.
A MySQL bug that causes a misconfiguration in the WAF service on the AWS Cloud
IAM Bad: Privilege Escalation using Misconfigured Policies in AWS IAM (Webinar)
A walkthrough of the slides covered as part of our Star Wars Day special webinar on IAM policy misconfigurations that can lead to privilege escalations and a takeover of the target AWS account.
A Technical Analysis of the AWS CloudShell service
A quick technical analysis of the AWS CloudShell service that provides a pre-configured shell on the cloud with access to your AWS account.