What is Relational Database Service (AWS RDS)

Amazon Web Services Relational Database Service (AWS RDS) is a managed database service that simplifies the setup, operation, and scaling of relational databases in the cloud. RDS supports various database engines, including MySQL, PostgreSQL, Oracle, SQL Server, and MariaDB, offering organisations a range of options to meet their specific database needs.

Here’s how AWS RDS works:

Deployment: Users can easily launch a relational database instance in RDS. AWS manages the provisioning of hardware, database setup, patching, and backups, reducing administrative overhead.

Database Engines: RDS supports multiple database engines, allowing users to choose the one that best suits their application requirements.

Scaling: RDS provides options for vertical and horizontal scaling to accommodate growing workloads. Users can resize instances or create read replicas for improved performance and availability.

Automated Backups: RDS automated database backups, making it simple to recover data in case of failures or user errors. Users can also set up automated snapshots for data retention.

Security: RDS offers robust security features, including network isolation, encryption at rest and in transit, and integration with AWS Identity and Access Management (IAM) for fine-grained access control.

Monitoring and Metrics: AWS CloudWatch integration allows users to monitor database performance and set up alarms for proactive issue resolution.

High

AWS Identity and Access Management (AWS IAM)

Amazon Web Services Identity and Access Management (AWS IAM) is a service that governs access to AWS resources, ensuring secure and fine-grained control over permissions. IAM operates by defining policies that specify what actions are allowed or denied on AWS resources.

Users, groups, and roles are key IAM entities. Users represent individual identities, while groups allow for collective permission assignment. Roles are used for cross-account or service-level access. IAM also supports multi-factor authentication (MFA) for added security and provides access keys for programmatic access.

Use Case: Consider a large organisation with multiple departments and teams, each needing varying levels of access to AWS resources. AWS IAM helps create and enforce access policies, ensuring that developers can launch and manage EC2 instances, while system administrators can configure and secure networking resources.

Additionally, IAM allows external contractors to have temporary, scoped access to specific resources without compromising security. This granular control over permissions ensures that users have precisely the access they need, following the principle of least privilege, while maintaining the organization’s overall security posture.

Abusing Instance Metadata Service (IMDS)

AWS IMDSv1 (Instance Metadata Service Version 1) and IMDSv2 (Instance Metadata Service Version 2) are services provided by Amazon Web Services (AWS) that allow EC2 instances to retrieve metadata about themselves and

AWS Unauthenticated Enumeration

AWS (Amazon Web Services) enumeration is the process of identifying and locating AWS resources and endpoints within a given AWS environment or from outside of the environment (unauthenticated). This is an essential process for both legitimate administrative tasks and potentially malicious ones (such as penetration testing or hacking). Proper permission settings and security measures can prevent unauthorised enumeration.

OSINT

Use Google Dorks to find leaked AWS secrets in search engines such as Google:

<Target_Company> “AWS_ACCESS_KEY_ID” OR “AWS_ACCESS_SECRET_KEY”