AWS - Trusted Advisor Enum
tip
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
AWS Trusted Advisor Overview
Trusted Advisor is a service that inspects your AWS account and recommends changes that bring it in line with AWS best practices. It is not tied to a single region: it runs its checks across all regions of the account. Trusted Advisor offers insights in four primary categories:
- Cost Optimization: Suggests how to restructure resources to reduce expenses.
- Performance: Identifies potential performance bottlenecks.
- Security: Scans for vulnerabilities or weak security configurations.
- Fault Tolerance: Recommends practices to enhance service resilience and fault tolerance.
The comprehensive features of Trusted Advisor are exclusively accessible with AWS business or enterprise support plans. Without these plans, access is limited to six core checks, primarily focused on performance and security.
Notifications and Data Refresh
- Trusted Advisor can issue alerts.
- Items can be excluded from its checks.
- Data is refreshed automatically every 24 hours. A manual refresh can be requested once at least 5 minutes have passed since the last refresh.
Checks Breakdown
Categories
- Cost Optimization
- Security
- Fault Tolerance
- Performance
- Service Limits
- S3 Bucket Permissions
Core Checks
These are the only checks available to accounts without a business or enterprise support plan:
- Security Groups - Specific Ports Unrestricted
- IAM Use
- MFA on Root Account
- EBS Public Snapshots
- RDS Public Snapshots
- Service Limits
Security Checks
A list of checks primarily focusing on identifying and rectifying security threats:
- Security group settings for high-risk ports
- Security group unrestricted access
- Open write/list access to S3 buckets
- MFA enabled on root account
- RDS security group permissiveness
- CloudTrail usage
- SPF records for Route 53 MX records
- HTTPS configuration on ELBs
- Security groups for ELBs
- Certificate checks for CloudFront
- IAM access key rotation (90 days)
- Exposure of access keys (e.g., on GitHub)
- Public visibility of EBS or RDS snapshots
- Weak or absent IAM password policies
AWS Trusted Advisor acts as a crucial tool in ensuring the optimization, performance, security, and fault tolerance of AWS services based on established best practices.
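The following is an added example, not code from HackTricks or from AWS. It shows how the checks listed above are enumerated and read through the Support API with boto3, and how the 24-hour/5-minute refresh rule from the "Notifications and Data Refresh" section surfaces in the API. It assumes boto3 is installed and that the credentials used belong to an account with a business or enterprise support plan (the Support API refuses other plans); the Support API is only served from the us-east-1 endpoint. The check id and the sample result payload are constructed placeholders shaped like the real API responses so that the parsing helper can be exercised offline.

```python
"""Enumerate AWS Trusted Advisor security checks via the Support API (added example).

Assumes: boto3 installed; credentials for an account with a Business or
Enterprise support plan (otherwise the Support API raises
SubscriptionRequiredException). Needs support:DescribeTrustedAdvisorChecks,
support:DescribeTrustedAdvisorCheckResult and support:RefreshTrustedAdvisorCheck.
"""
from collections import Counter

# The Support API is only served from the us-east-1 endpoint.
SUPPORT_REGION = "us-east-1"


def support_client():
    """Build a Support API client (lazy import keeps the parsing helper usable offline)."""
    import boto3  # assumption: boto3 is available in the environment
    return boto3.client("support", region_name=SUPPORT_REGION)


def list_checks(client, category="security"):
    """Return {check_id: name} for every Trusted Advisor check in one category.

    Category identifiers used by the API: cost_optimizing, security,
    fault_tolerance, performance, service_limits.
    """
    resp = client.describe_trusted_advisor_checks(language="en")
    return {c["id"]: c["name"] for c in resp["checks"] if c["category"] == category}


def summarize_result(check, result):
    """Reduce one DescribeTrustedAdvisorCheckResult payload to what a reviewer needs.

    `check` is the matching entry from describe_trusted_advisor_checks; its
    'metadata' list names the columns of each flagged resource's 'metadata'.
    Returns the overall status, a count of flagged resources by status, and
    the flagged resources as dicts keyed by the check's column names.
    Resources with isSuppressed set (items excluded from the check) are skipped.
    """
    columns = check.get("metadata", [])
    flagged = []
    for res in result.get("flaggedResources", []):
        if res.get("isSuppressed"):
            continue
        row = dict(zip(columns, res.get("metadata", [])))
        row.update(status=res["status"], region=res.get("region"),
                   resourceId=res.get("resourceId"))
        flagged.append(row)
    return {
        "status": result["status"],
        "by_status": dict(Counter(r["status"] for r in flagged)),
        "flagged": flagged,
    }


def refresh_check(client, check_id):
    """Request a manual refresh; return seconds until the check may be refreshed again.

    Trusted Advisor refreshes automatically every 24 hours and only accepts a
    manual refresh once the previous one is at least 5 minutes old, so the
    returned value tells the caller how long to wait before trying again.
    """
    status = client.refresh_trusted_advisor_check(checkId=check_id)["status"]
    return status["millisUntilNextRefreshable"] / 1000


def security_findings(client):
    """Live enumeration: flagged (non-suppressed) resources of every security check."""
    checks = client.describe_trusted_advisor_checks(language="en")["checks"]
    report = {}
    for check in checks:
        if check["category"] != "security":
            continue
        result = client.describe_trusted_advisor_check_result(
            checkId=check["id"], language="en")["result"]
        report[check["name"]] = summarize_result(check, result)
    return report


# Constructed sample shaped like the real API responses (ids are placeholders).
SAMPLE_CHECK = {
    "id": "EXAMPLE-CHECK-ID",
    "name": "Security Groups - Specific Ports Unrestricted",
    "category": "security",
    "metadata": ["Region", "Security Group Name", "Security Group ID",
                 "Protocol", "Port", "Status"],
}
SAMPLE_RESULT = {
    "checkId": "EXAMPLE-CHECK-ID",
    "status": "error",
    "flaggedResources": [
        {"status": "error", "region": "us-east-1", "resourceId": "r-1", "isSuppressed": False,
         "metadata": ["us-east-1", "web-sg", "sg-0123456789abcdef0", "tcp", "22", "Red"]},
        {"status": "warning", "region": "eu-west-1", "resourceId": "r-2", "isSuppressed": False,
         "metadata": ["eu-west-1", "db-sg", "sg-0fedcba9876543210", "tcp", "3306", "Yellow"]},
        {"status": "error", "region": "us-west-2", "resourceId": "r-3", "isSuppressed": True,
         "metadata": ["us-west-2", "old-sg", "sg-00000000000000000", "tcp", "3389", "Red"]},
    ],
}


if __name__ == "__main__":
    for name, summary in security_findings(support_client()).items():
        print(f"{summary['status']:>8}  {name}: {summary['by_status']}")
```

The per-check `metadata` column names are what make the flagged-resource rows readable; without zipping them in, each resource is just a positional list of strings. Suppressed resources are dropped because they correspond to items an operator has deliberately excluded, which is worth knowing when reviewing why a check reports "ok" despite exposed resources.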