Gained hands-on experience with common security weaknesses around the most commonly used AWS services and covered mitigations to help in securing these services.

Key Learnings

- IAM Permissions and Credentials
  - Long-term credentials: created via the AWS Console or AWS CLI using commands like aws iam create-access-key.
  - Short-term credentials: generated by AWS Security Token Service (STS) using commands like aws sts get-session-token.
  - Best practices: avoid using IAM Users when possible; prefer SAML or OIDC for session credentials. Never commit access keys to source code repositories. Rotate access keys regularly and use Multi-Factor Authentication (MFA) for enhanced security.
- Resource Policies and Service Control Policies (SCPs)
  - IAM policies: define what actions a principal can perform on resources.
  - Resource policies: attached to resources (e.g., S3 buckets) to define who can access them.
  - SCPs: applied at the organizational level to enforce compliance and security policies across accounts.
- AWS Services and Security
  - AWS Lambda: explored security implications of serverless functions, including execution roles and resource-based policies.
  - S3 buckets: learned about public S3 buckets, their naming conventions, and how to identify misconfigured buckets.
  - EC2 instances: gained insights into launching and managing EC2 instances, including security group configurations and IAM roles.
- VPC and Networking
  - VPC components: understood the structure of VPCs, including subnets, route tables, and security groups.
  - NAT Gateways and VPC Endpoints: learned how to manage internet access for private subnets and secure communication with AWS services.
- Monitoring and Logging
  - VPC Flow Logs: used for monitoring network traffic and identifying potential security threats.
  - AWS GuardDuty: a threat detection service that uses machine learning to identify suspicious activity.
- Hands-On Labs
  Engaged in practical labs that involved:
  - Creating IAM users and roles.
  - Configuring access keys and environment variables.
  - Exploring and exploiting public S3 buckets.
  - Using tools like FireProx for IP rotation in API requests.

Conclusion

This training has not only equipped me with valuable skills but also reinforced my commitment to continuous learning in cybersecurity and cloud computing. I am excited to apply this knowledge in real-world scenarios and contribute to secure cloud architectures.
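To make the resource-policy and public-S3-bucket points above concrete, here is an added Python example (not part of the original write-up or the training's lab material) that scans an S3 bucket policy document for Allow statements open to any principal and separates a fully public statement from one scoped by a Condition such as aws:SourceVpce, which still deserves review. The bucket name, VPC endpoint id and account id in the sample policy are constructed placeholders.

```python
import json

# Constructed sample bucket policy (not from a real account). Statement 1 is
# world-readable, statement 2 is open but scoped to a VPC endpoint, statement 3
# names a specific account and is therefore not public.
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Sid": "VpceOnly", "Effect": "Allow", "Principal": {"AWS": "*"},
         "Action": ["s3:GetObject", "s3:ListBucket"],
         "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"],
         "Condition": {"StringEquals": {"aws:SourceVpce": "vpce-EXAMPLE"}}},
        {"Sid": "PartnerAccount", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    ],
})

def _as_list(value):
    """Policy elements may be a single string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def is_public_principal(principal):
    """True when the Principal element matches any caller (anonymous or any AWS account)."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return any(p == "*" for p in _as_list(principal.get("AWS", [])))
    return False

def find_public_statements(policy_json):
    """Return (Sid, severity, actions) for Allow statements whose Principal is everyone.
    'public' = no Condition at all; 'public-with-condition' = a Condition exists and
    must be reviewed to confirm it really restricts access (e.g. aws:SourceVpce)."""
    policy = json.loads(policy_json)
    findings = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow" or not is_public_principal(stmt.get("Principal")):
            continue
        severity = "public-with-condition" if stmt.get("Condition") else "public"
        findings.append((stmt.get("Sid", f"Statement{idx}"), severity,
                         _as_list(stmt.get("Action", []))))
    return findings

if __name__ == "__main__":
    for sid, severity, actions in find_public_statements(SAMPLE_POLICY):
        print(f"{sid}: {severity} -> {', '.join(actions)}")
```

A real review would pull the document with aws s3api get-bucket-policy and feed it to find_public_statements; S3 Block Public Access settings should be checked alongside, since they can override what the policy alone allows.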