Cloud Security Things To Know
What should you know as a cloud security engineer or for a cloud security interview?
A list of things to know as a cloud security engineer or for a cloud security interview (mostly based on AWS). I'll update this page as I learn and discover more.
IAM
- Roles, Policies, Cross Account Access
- User Groups
- Access Permissions
- SDKs
- Authentication
- Identity Providers
- Users & Identities
- Identity Federation
- Service Accounts
- Service Principals
- Privileged Access
- MFA
- Sessions & Tokens
- Access Keys
Encryption
- Server-Side Encryption
- Client-Side Encryption
Scripting
- Python
- Golang
Containerization & Orchestration
- Docker
- Kubernetes
- Managed: Amazon EKS, Azure AKS, Google GKE
- Unmanaged Kubernetes
Compliance
- AWS Config, Amazon Macie, and similar compliance tooling
APIs
- API Security
- API Exposure
- Locking down API endpoints to specific users/principals
Logging
- VPC Flow Logs
- CloudTrail
- Centralizing VPC flow logs from multiple accounts into one account
- Datadog
- Splunk
Storage
- Bucket Access
- Public, Private and Bucket Policies
- Pre-signed Cookies & URLs
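The two IAM/storage questions that come up most often in practice are "is this bucket public?" and "can a foreign account assume this role without an ExternalId?". The script below is an added example, not code from the original page: it runs simplified static checks over policy documents. The policy documents, account IDs and Sids in it are constructed sample inputs, and the checks are a rough approximation of the AWS policy evaluation logic (they ignore NotPrincipal, NotAction and resource-level nuances).

```python
"""Simplified static checks over S3 bucket policies and IAM role trust policies.

Added example, not part of the original page. All policy documents, account IDs
and Sids below are constructed sample inputs. The checks approximate, but do not
fully implement, AWS policy evaluation (no NotPrincipal/NotAction handling).
"""


def _as_list(value):
    """Policy fields may be a scalar or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _aws_principals(principal):
    """Return the AWS principals named by a Principal element as strings."""
    if principal == "*":
        return ["*"]
    if isinstance(principal, dict):
        return [str(p) for p in _as_list(principal.get("AWS"))]
    return []


def public_statements(policy):
    """Sids of Allow statements granting anonymous ("*") access with no Condition.

    A Condition (e.g. aws:SourceVpce or aws:SourceIp) narrows who can use the
    grant, so conditioned statements are not reported as public here.
    """
    findings = []
    for st in _as_list(policy.get("Statement")):
        if st.get("Effect") != "Allow":
            continue
        if "*" not in _aws_principals(st.get("Principal")):
            continue
        if st.get("Condition"):
            continue
        findings.append(st.get("Sid", "<no Sid>"))
    return findings


def cross_account_without_external_id(trust_policy, own_account):
    """Sids of sts:AssumeRole grants to principals outside own_account that do
    not require sts:ExternalId (the confused-deputy case)."""
    findings = []
    for st in _as_list(trust_policy.get("Statement")):
        if st.get("Effect") != "Allow":
            continue
        if "sts:AssumeRole" not in _as_list(st.get("Action")):
            continue
        foreign = [p for p in _aws_principals(st.get("Principal")) if own_account not in p]
        if not foreign:
            continue
        condition = st.get("Condition") or {}
        requires_external_id = any(
            "sts:ExternalId" in keys for keys in condition.values() if isinstance(keys, dict)
        )
        if not requires_external_id:
            findings.append(st.get("Sid", "<no Sid>"))
    return findings


# Constructed sample policies (not real accounts or buckets).
PUBLIC_BUCKET_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
        {"Sid": "VpcOnlyRead", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*",
         "Condition": {"StringEquals": {"aws:SourceVpce": "vpce-example"}}},
    ],
}
PRIVATE_BUCKET_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "AppRead", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::111111111111:role/AppRole"},
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    ],
}
WEAK_TRUST_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "VendorAssume", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::222222222222:root"},
         "Action": "sts:AssumeRole"},
    ],
}
HARDENED_TRUST_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "VendorAssume", "Effect": "Allow",
         "Principal": {"AWS": "arn:aws:iam::222222222222:root"},
         "Action": "sts:AssumeRole",
         "Condition": {"StringEquals": {"sts:ExternalId": "example-external-id"}}},
    ],
}

if __name__ == "__main__":
    print("public bucket statements:", public_statements(PUBLIC_BUCKET_POLICY))
    print("private bucket statements:", public_statements(PRIVATE_BUCKET_POLICY))
    print("weak trust:", cross_account_without_external_id(WEAK_TRUST_POLICY, "111111111111"))
    print("hardened trust:", cross_account_without_external_id(HARDENED_TRUST_POLICY, "111111111111"))
```

The hardened trust policy differs from the weak one only by the `sts:ExternalId` condition; in a real deployment the bucket-level checks should be paired with S3 Block Public Access at the account level, since a policy check alone does not catch public ACLs.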
Infrastructure as Code
- Terraform
- CloudFormation
Security
- Security Groups
- NACLs
- WAF
- Jump servers (bastion hosts)
Secure Storage
- Secrets Manager
- Systems Manager Parameter Store
Networking
- Subnetting
- Public vs Private IPs
DevOps
- Git
- GitHub
- GitLab
Cloud Attacks
Refer to the MITRE ATT&CK Cloud Matrix for more.
- Initial Access Vectors
  - Compromised Credentials
    - Static credentials
    - Credentials that are never rotated
    - Credentials pushed to publicly accessible code repositories (GitHub)
    - Credentials found in public storage (S3, GCS buckets)
- Persistence
  - Modifying permission groups or roles
  - Modifying password duration policies
  - Creating new credentials for service accounts/service principals
- Privilege Escalation (vertical) & Lateral Movement (horizontal)
  - Service account impersonation (GCP)
  - Default credentials
  - Token manipulation
  - Adding a user to a group
  - Attaching a role policy/group policy to a group or user
  - Creating access keys for more privileged users
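Most of the persistence and privilege-escalation techniques above leave a CloudTrail record from the IAM API. The script below is an added example, not code from the original page: it classifies CloudTrail records for those techniques and raises the severity when an access key is created for a principal other than the caller or when AdministratorAccess is attached. The log records are constructed samples that follow the CloudTrail record shape, not real output; the severity labels and the event-to-technique mapping are this example's own choices.

```python
"""Flag IAM persistence / privilege-escalation activity in CloudTrail records.

Added example, not part of the original page. SAMPLE_LOG is a constructed set
of records in the CloudTrail record shape, not real CloudTrail output. The
event-to-technique mapping and severities are this example's assumptions.
"""
import json

# IAM API calls that correspond to the persistence / privesc techniques above.
WATCHED_EVENTS = {
    "AddUserToGroup": "privesc/persistence: user added to group",
    "AttachUserPolicy": "privesc: managed policy attached to user",
    "AttachGroupPolicy": "privesc: managed policy attached to group",
    "AttachRolePolicy": "privesc: managed policy attached to role",
    "PutUserPolicy": "privesc: inline policy put on user",
    "CreateAccessKey": "persistence: new access key created",
    "CreateLoginProfile": "persistence: console password created",
    "UpdateAccountPasswordPolicy": "persistence: account password policy changed",
}
ADMIN_POLICY_ARN = "arn:aws:iam::aws:policy/AdministratorAccess"


def caller_name(record):
    """Name of the calling principal: userName for IAM users, the issuing role
    name for assumed-role sessions."""
    ident = record.get("userIdentity") or {}
    issuer = (ident.get("sessionContext") or {}).get("sessionIssuer") or {}
    return ident.get("userName") or issuer.get("userName")


def classify(record):
    """Return (severity, reason) for an alertable record, else None.

    Failed calls (errorCode set) are skipped here; they are still worth
    counting separately as possible enumeration."""
    name = record.get("eventName")
    if name not in WATCHED_EVENTS or record.get("errorCode"):
        return None
    params = record.get("requestParameters") or {}
    severity, reason = "medium", WATCHED_EVENTS[name]
    target = params.get("userName")
    caller = caller_name(record)
    # Creating a key for someone else is the classic "key for a more privileged user" move.
    if name == "CreateAccessKey" and target and target != caller:
        severity = "high"
        reason += f" for another principal ({caller} -> {target})"
    if name.startswith("Attach") and params.get("policyArn") == ADMIN_POLICY_ARN:
        severity = "high"
        reason += " (AdministratorAccess)"
    return severity, reason


def scan(lines):
    """Return (eventTime, caller, severity, reason) for each alertable record in
    an iterable of JSON-encoded CloudTrail records, one per line."""
    alerts = []
    for line in lines:
        rec = json.loads(line)
        hit = classify(rec)
        if hit:
            alerts.append((rec.get("eventTime"), caller_name(rec), hit[0], hit[1]))
    return alerts


def _rec(event, caller, params=None, error=None):
    """Build one constructed CloudTrail-shaped record as a JSON line."""
    rec = {
        "eventVersion": "1.08", "eventTime": "2024-01-01T10:00:00Z",
        "eventSource": "iam.amazonaws.com", "eventName": event,
        "userIdentity": {"type": "IAMUser", "userName": caller},
        "requestParameters": params,
    }
    if error:
        rec["errorCode"] = error
    return json.dumps(rec)


# Constructed sample log: a low-privilege user "alice" escalating, plus noise.
SAMPLE_LOG = [
    _rec("ListUsers", "alice"),
    _rec("CreateAccessKey", "alice", {"userName": "admin-bob"}),
    _rec("AttachUserPolicy", "alice", {"userName": "alice", "policyArn": ADMIN_POLICY_ARN}),
    _rec("AddUserToGroup", "alice", {"userName": "alice", "groupName": "Admins"}),
    _rec("CreateAccessKey", "alice", {"userName": "admin-bob"}, error="AccessDenied"),
    _rec("UpdateAccountPasswordPolicy", "alice", {"maxPasswordAge": 0}),
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print(*alert, sep=" | ")
```

In production the same logic runs over CloudTrail delivered to S3 or CloudWatch Logs (or the centralized logging account mentioned above); the point of the caller-versus-target comparison is that `CreateAccessKey` for yourself is routine, while creating a key for someone else is rarely legitimate.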