Home Amazon Web Services (AWS)
Post
Cancel

Amazon Web Services (AWS)

Overview

Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 200 fully featured services from data centers globally. 1. Certain products can be configured to be publicly accessible queryable via the internet, leaving the door ajar for attacks against the hosted platforms.

However, it is important to note that certain products can be configured to be publicly accessible and queryable via the internet, which can leave the door open for attacks against the hosted platforms. This is especially true for products that are used for compute, storage, and containers, as these are typically the most vulnerable to attacks.

Some of the more commonly encountered AWS products that may be at risk of attack include:

  1. Cloud Infrastructure (EC2): This service allows users to rent virtual computers on which they can run their own applications. If these virtual computers are not properly configured, they may be vulnerable to attacks.
  2. Cloud Containers (ECS): This service allows users to run containerized applications in the cloud. If the containers are not properly secured, they may be vulnerable to attacks.
  3. Cloud Storage (S3): This service allows users to store and retrieve data in the cloud. If the storage is not properly configured, it may be vulnerable to attacks.

It is important for users of AWS products to properly configure and secure their deployments to prevent attacks against their hosted platforms. This can include using strong passwords and access controls, applying security updates and patches, and monitoring for suspicious activity.

Interacting with AWS via the AWS-CLI

The AWS Command Line Interface (AWS CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts. 2

The AWS-CLI must first be configured prior to use. If details have not been obtained, arbitrary entries may be used in an attempt of unauthenticated access.

1
2
3
4
5
6
aws configure

# AWS Access Key ID [None]: accesskey
# AWS Secret Access Key [None]: secretkey
# Default region name [None]: us-west-2
# Default output format [None]:

A full list of commands can be found on the AWS - CLI Command Reference page.

Cloud Storage (S3)

Once AWS-CLI is installed and configured, you can use the following commands to interact with S3: 3

CommandDescriptionExample Command Line
aws s3 lsList the contents of an S3 bucket.aws s3 ls s3://my-bucket
aws s3 cpCopy a file to or from an S3 bucket.aws s3 cp /local/path/file.txt s3://my-bucket/file.txt
aws s3 cpCopy multiple files to or from an S3 bucket.aws s3 cp /myfolder s3://mybucket/myfolder –recursive
upload: myfolder/file1.txt to s3://mybucket/myfolder/file1.txt
upload: myfolder/subfolder/file1.txt to s3://mybucket/myfolder/subfolder/file1.txt
aws s3 mvMove a file within an S3 bucket or to a different bucket.aws s3 mv s3://my-bucket/file.txt s3://my-other-bucket/file.txt
aws s3 rmDelete a file from an S3 bucket.aws s3 rm s3://my-bucket/file.txt
aws s3 syncSynchronize the contents of a local directory with an S3 bucket.aws s3 sync /local/path/ s3://my-bucket/

References

This post is licensed under CC BY 4.0 by the author.