AWS - Services

Tip

Učite i vežbajte AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Učite i vežbajte GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Učite i vežbajte Azure Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Podržite HackTricks

Types of services

Container services

Servisi koji spadaju u kontejnerske servise imaju sledeće karakteristike:

  • The service itself runs on separate infrastructure instances, such as EC2.
  • AWS is responsible for managing the operating system and the platform.
  • A managed service is provided by AWS, which is typically the service itself for the actual application which are seen as containers.
  • Kao korisnik ovih kontejnerskih servisa imate niz upravljačkih i bezbednosnih odgovornosti, uključujući upravljanje sigurnošću pristupa mreži, kao što su pravila network access control list i bilo koji vatrozidi.
  • Takođe, upravljanje identitetom i pristupom na nivou platforme gde postoji.
  • Primeri AWS kontejnerskih servisa uključuju Relational Database Service, Elastic Mapreduce, i Elastic Beanstalk.

Abstract Services

  • Ovi servisi su removed, abstracted, from the platform or management layer which cloud applications are built on.
  • Servisi se pristupa putem endpointa koristeći AWS aplikacione programske interfejse (APIs).
  • The underlying infrastructure, operating system, and platform is managed by AWS.
  • Apstrahovani servisi pružaju platformu sa višekorisničkom arhitekturom na kojoj se osnovna infrastruktura deli.
  • Podaci su izolovani putem bezbednosnih mehanizama.
  • Apstraktni servisi imaju jaku integraciju sa IAM, i primeri apstraktnih servisa uključuju S3, DynamoDB, Amazon Glacier, i SQS.

Services Enumeration

The pages of this section are ordered by AWS service. In there you will be able to find information about the service (how it works and capabilities) and that will allow you to escalate privileges.

Tip

Učite i vežbajte AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Učite i vežbajte GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Učite i vežbajte Azure Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Podržite HackTricks