Security is a critical part of managing cloud infrastructure. In this scenario, the company is using poor security practices such as relying on the AWS root account for daily operations, allowing unrestricted SSH access, storing backups in Amazon S3 without access controls, and sharing one login across the team. These practices expose the company to serious risks such as unauthorized access, data breaches, and lack of accountability.
This document identifies the risks and proposes a more secure AWS architecture.
The root account has full administrative privileges. If compromised, attackers could gain complete control of the AWS environment.
Allowing SSH access from 0.0.0.0/0 means anyone on the internet can attempt to connect to the server, increasing the risk of brute-force attacks.
Backups stored in Amazon S3 without proper access controls may become publicly accessible and expose sensitive data.
Using one login for the entire team removes accountability, because actions cannot be traced to an individual, and increases security risks.
Each employee should have their own IAM user account. Permissions should follow the principle of least privilege, giving users access only to the resources they need.
IAM roles should be used by services such as EC2 to access other AWS services like S3. Roles eliminate the need to store access keys directly on servers.
Security Groups act as virtual firewalls for EC2 instances.
Recommended rules:
- Allow HTTP (port 80) for web traffic
- Allow HTTPS (port 443) for secure connections
- Allow SSH (port 22) only from trusted IP addresses
This reduces the system’s attack surface.
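The recommended rules can be checked mechanically. The following is an added example, not part of the original document: it audits security group data in the shape returned by `aws ec2 describe-security-groups` and reports any source outside a trusted range that can reach port 22, including cases that a search for "port 22 from 0.0.0.0/0" would miss (port ranges, all-traffic rules, IPv6). The group IDs, sample rules and the trusted admin range are constructed assumptions.

```python
import ipaddress

# Constructed sample, shaped like `aws ec2 describe-security-groups` output.
SAMPLE_GROUPS = [
    {"GroupId": "sg-example-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-example-legacy", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 20, "ToPort": 25,   # range hides port 22
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "-1",                                   # all protocols/ports
         "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]
TRUSTED_ADMIN_CIDRS = ["203.0.113.0/24"]  # assumed office/VPN range (documentation prefix)

def covers_port(perm, port):
    """True if the rule admits TCP traffic to `port`."""
    if perm["IpProtocol"] == "-1":          # "-1" means every protocol and port
        return True
    if perm["IpProtocol"] not in ("tcp", "6"):
        return False
    return perm["FromPort"] <= port <= perm["ToPort"]

def is_trusted(cidr, trusted):
    """True if `cidr` lies entirely inside one of the trusted networks."""
    net = ipaddress.ip_network(cidr, strict=False)
    return any(net.version == t.version and net.subnet_of(t)
               for t in map(ipaddress.ip_network, trusted))

def ssh_findings(groups, trusted=TRUSTED_ADMIN_CIDRS):
    """Return (group_id, cidr) for each untrusted source that can reach port 22.
    Rules that reference other security groups (UserIdGroupPairs) are not evaluated."""
    findings = []
    for group in groups:
        for perm in group.get("IpPermissions", []):
            if not covers_port(perm, 22):
                continue
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            findings += [(group["GroupId"], c) for c in cidrs if not is_trusted(c, trusted)]
    return findings

if __name__ == "__main__":
    for group_id, cidr in ssh_findings(SAMPLE_GROUPS):
        print(f"{group_id}: SSH reachable from untrusted source {cidr}")
```

The same function can be run on live data by loading the `SecurityGroups` array from the CLI's JSON output in place of the constructed sample.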
SSH access should follow best practices:
- Use SSH key pairs instead of passwords
- Restrict access to specific IP addresses
- Use Multi-Factor Authentication (MFA) for IAM users
- Consider using a bastion host or VPN for administrative access
To protect backups stored in S3:
- Enable Block Public Access
- Restrict access using IAM policies
- Enable encryption
- Enable versioning for backups
Only authorized services or users should be allowed to access the bucket.
The company’s current architecture exposes it to multiple security risks including misuse of the root account, unrestricted SSH access, unsecured backups, and shared credentials. By implementing IAM users and roles, properly configuring Security Groups, securing SSH access, and controlling S3 permissions, the organization can significantly strengthen its AWS security posture.