Amazon IAM

Identity and access management refers to the signed requests sent to AWS. These signed requests are signed with IAM Access keys that consist of Key ID [begins with AKIA and are 20 characters long] which is usually considered as a username and Secret Key [40 characters long]. The issue with these credentials is that when an attacker is able to locate them they can create a new profile with these credentials and send requests using these credentials.

Adding credential keys to a new profile

aws configure --profile PROFILENAME

Listing buckets in the new account using the newly added profile

aws s3 ls --profile PROFILENAME

Finding an account ID given you got the access key

aws sts get-access-key-info --access-key-id AKA_EXAMPLE --profile [profile-name]

Finding the username

aws sts get-caller-identity --profile PROFILENAME

Listing EC2 instances belonging to an account

aws ec2 describe-instances --output text --profile PROFILENAME

Listing EC2 instances belonging to an account with a region specified.

aws ec2 describe-instances --output text --region us-east-1 --profile PROFILENAME

Retrieving the secrets or the credential manager contents of a profile

aws secretsmanager list-secrets --profile [profile-name]

Retrieving a specific secret value from the credential manager

aws secretsmanager get-secret-value --secret-id [nameofthesecret] --profile [profile-name]

Retrieving a specific secret value from the credential manager with region specified

aws secretsmanager get-secret-value --secret-id [nameofthesecret] --profile [profile-name] --region

PreviousS3 Buckets NextDockers

Last updated 10 months ago