AWS Cloud Security for Beginners — Part 1

Cloud computing has gained enormous attention during the past few years, and many companies are shifting their infrastructure into cloud environments. Most cloud service providers build security into their design. Nevertheless, people make mistakes and introduce misconfigurations and vulnerable applications into their cloud environments, leading to various attacks.

In this series of articles, we will discuss various problems in Amazon Web Services (AWS) environments that arise from misconfigurations caused by human error.

Disclaimer: If you are running any automated scanners or performing attacks against the AWS environment, thus causing disruptions to users or any AWS services, you are completely responsible for your own actions. This series of articles is for educational purposes only.

Amazon Web Services is one of the most-used cloud service providers. The following is a figure showing public cloud adoption in 2017 and 2018.

Source: https://www.rightscale.com/lp/state-of-the-cloud?campaign=7010g0000016JiA

With the massive adoption of AWS, its security is obviously a major focus for both administrators and attackers.

We will build our own lab setup so that we will be able to understand how the application/infrastructure is built before we look at things from an attacker’s angle.

The following are the prerequisites before proceeding.

AWS Free-Tier Account

At the time of writing, the AWS free-tier account provides various amazing features free for 12 months. The only catch is that you need to add a credit or debit card when registering an account.

If you have an AWS account, you are good to go. If not, you can simply go and create an account here. After successfully logging in, you can explore various services offered by AWS as shown below.

Laptop with Windows/Linux/Mac OSX

We will use Ubuntu for all our labs in this series, but any other OS should ...

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Srinivas. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/camOYk5UDEg/