Open in app

Sign in

Write

Sign in

AWS Security for Noobs

Ronnie Joseph
Bug Bounty Hunting
Published in
6 min readAug 22, 2021

This post covers the very basics of how Amazon web services work and will cover a little bit about AWS security also. I have created some notes(after watching some videos) here which will you get started and gain a simple understanding of what is AWS and some of it’s components.

EDIT: I cleared AWS Certified Cloud Practitioner exam.

In olden times, we used to have physical data centres to store user data, and for the overall data collection and logging for various activities.

Physical Data centres created some issues:

To mitigate some of these issues, companies started to shift to various cloud alternatives as they were more cheaper and reliable.

Some popular cloud providers now are Amazon AWS, GCP and Azure.

AWS advantage:

  • AWS provides elasticity. (Search for the term ESXi)
  • No need to over provision hardware
  • No need of rack and cable.
  • Cost contracts automatically with usage.

AWS CLOUD

  1. Regions : It is a geographical location.
  2. Availability zones: one or more data centres with a region. Applications can span multiple AZ’s.

We should put in place where more customers are there to reduce latency.

Elastic compute cloud (EC2)

  • Hypervisor allows multiple virtual machines to run on the same physical server.
  • VM’s are completely independent.
  • Ec2 instance is a virtual server that run on physical server in amazon datacenter.
  • Extremely scalable.

We have several EC2 instance types for different purposes like General purpose, Accelerated computing, Storage optimised etc.

AMI : Amazon machine image provided by amazon like ubuntu image.

Elastic block store (EBS)

  • Disks for EC2 instances .
  • Can be used to boot the instance.
  • Can have multiple EBS in single instance.

IOP’s : Input/ Output per second.

Types:

General Purpose SSD (gp2)

  • Cost effective storage.
  • Supports Bursting meaning can serve demands during high peak demands occasionally.
  • Performance is based on volume size.
  • Burst credit 3000 IOP’s per 30 min.

Provisioned IOP’s SSD (io1)

  • Designed high intensive I/O workloads like dbs.
  • Provides consistent performance.

Hard disk based storage

Not ssd so less speed.

st1:Throughput optimized HDD

  • Low cost, supports bursting

Note: EC2 can’t be booted via st1.

sc1: Cold HDD

  • Lowest cost, lowest performance, reduced bandwidth and bursting.

VPC (Virtual private cloud)

It is an isolated network within AWS cloud . We can use it to provide secure connectivity to virtual servers.

Bastion hosts are used as a middle men from which external hosts can connect and it acts as a management to interact with internal hosts.

Security Groups

  • It is stateful firewall.
  • It analyses based on rule and either allow or disallowed.
  • Dynamically allows return traffic through.
  • Outbound traffic is allowed by default.
  • We can provide network ACL’s

Network ACL’s

  • Controls traffic based on IP and port no.
  • Stateless
  • Applied at subnet level.

Simple storage service(s3)

  • Place to store files like videos and images.
  • Can’t install db/images etc
  • Max file size is 5 TB.
  • Glacier backups: Long term backups.
  • Helps in media transcoding.

S3 availability :

Databases:

RDS

Multi Az RDS:

  • Even if RDS in one zone fails, the system will transfer and work from other AZ.
  • Read replica: Can create duplicate of master RDS in one AZ.

AWS SECURITY

IAM

Managing users and groups

Configuring IAM policies .

Managed vs Unmanaged Services:

Shared Responsibility Model

Security in Cloud vs Security OF the cloud

Compliance and Penetration Testing rules of AWS

  • AWS compliance solutions guide
  • Pentest rules
  • Have to request permission to them .

WAF

provided by AWS .

  • Can define rules/predefined rules.
  • Can be applied to cloudfront or load balancer and detects signature.
  • Also available in AWS marketplace.

IAM (AWS identity and access Management)

  • AWS does not charge for IAM .
  • Used to create users, groups, policies, roles etc.
  • IAM USER: Represent a person or appln. within which will interact with aws.
  • They access AWS using password, ssh etc.
  • But it’s not scalable . We can set permission for 100’s of users. So we have IAM groups.
  • IAM GROUP: helps for assigning and managing permission for multiple users.
  • It puts users into groups .
  • Groups get permissions.
  • we CANNOT put group inside a group .

IAM ROLE: Use this to minimise the blast radius in case of attack/sensitive leak .

  • User logins to authenticate but does not get permissions. Permission are only accessible through allowed roles.

FOR IAM we have AWS policy generator.

Helps to find exposed ec2 keys, cloudtrail logging.

The rules package which maybe defined in the assessment template are:

  • Security Best Practices
  • Runtime Behaviour Analysis
  • CVE
  • CIS OS security configuration benchmark

We may use Cloudwatch to create alerts after scan results .

AWS service in scope

It allows to check individual AWS services , and the associated sdk against various compliance standards like PCI.

  • Shield is free and provides automatic protection at no charge.
  • Defends against most common attacks at network and transport layers.

ADVANCED:

It’s not free and costly. 3000 dollars per month.

AWS DESIGN PRINCIPLES

The Well-Architected Framework

Foundational design principles that helps to control costs, achieve reliability, and maintain secure cloud configuration.

Load balancing.

  • Distributes traffic amongst different interchangeable ec2 instances.
  • Performs health checks.
  • Instance can exist in multiple AZ.

Router 53 is DNS of aws.

Auto Scaling:

  • Elasticity ; like a rubber end.
  • Can scale up and down.
  • It adds and removes ec2 instances based on cloudwatch alerts.

AWS pricing

On Demand instances: are most expensive, but flexible. Like if you want to start a temporary ubuntu vm in AWS.

Reserved instances: They are purchased for 1–3 yrs.

Spot Instances: Follows bid process where we can sue them when aws is not used(midnight) . auto terminates when the price exceeds our bid.

TCO calculator :

Total cost of ownership

  • Can be used to project cost savings with AWS and used in presentations.

Support Plans:

  • Developer, enterprise etc.
  • For contact/chat

Image credits: ine

If you need to gain more knowledge to have practical attack and defence techniques, please read this:

AWS Top 10 Vulnerabilities

This contains the labs for top 10 aws security vulnerabilities and increases info about cloud security.

medium.com

AWS
Bugbounty
Hacking
Cloud

--

--

Ronnie Joseph
Bug Bounty Hunting

Written by Ronnie Joseph

1.99K Followers
Editor for

Security Engineer / Graduate Student Looking for Application security engineer job

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams