Reading 14 - Foodisthebest/401-Reading-Notes GitHub Wiki

Readings: Cloud Identity and Access Management (IAM) with AWS

Below you will find reading materials and additional resources that support today’s topic and the upcoming lecture.

Review the Submission Instructions for guidance on completing and submitting this assignment.

Reading

Lessons Learned from the Capital One Data Breach (PDF)

What were the three commands used for the attack?

  • Get credentials: used to get security credentials from a *****-WAF-Role account (a type of IAM account) for elevated role access.
  • List buckets: uses the security credentials of the *****-WAF-Role account to list S3 bucket contents (i.e., files and folders) when the command is executed.
  • Download files: uses the *****-WAF-Role account to download files accessible by the credentials when the command is executed.
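
A defender can look for the list-then-download sequence described above in CloudTrail S3 records. The following is an added example, not from the reading or these notes; the role names, account id, IPs, thresholds and function names are assumptions, and the records are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def ev(t, name, ip, arn):
    """Build one constructed CloudTrail-style S3 record (sample data only)."""
    return {"eventTime": t, "eventSource": "s3.amazonaws.com", "eventName": name,
            "sourceIPAddress": ip, "userIdentity": {"type": "AssumedRole", "arn": arn}}

# Placeholder account id, role names, session names and documentation-range IPs.
WAF_A = "arn:aws:sts::111122223333:assumed-role/example-WAF-Role/i-0aaa"
WAF_B = "arn:aws:sts::111122223333:assumed-role/example-WAF-Role/i-0bbb"
APP = "arn:aws:sts::111122223333:assumed-role/example-App-Role/i-0ccc"
SAMPLE_EVENTS = (
    [ev("2024-01-01T10:00:00Z", "ListBuckets", "203.0.113.7", WAF_A)]
    + [ev(f"2024-01-01T10:0{m}:00Z", "GetObject", "203.0.113.7", WAF_A) for m in range(1, 5)]
    + [ev("2024-01-01T11:00:00Z", "ListBuckets", "198.51.100.4", WAF_B),
       ev("2024-01-01T11:01:00Z", "GetObject", "198.51.100.4", WAF_B)]
    + [ev(f"2024-01-01T12:0{m}:00Z", "GetObject", "198.51.100.9", APP) for m in range(5)]
)

def find_list_then_download(events, watched_roles, window=timedelta(minutes=30), min_objects=3):
    """Flag sessions of watched roles (roles with no business reading S3) that call
    ListBuckets and then read at least min_objects objects within the window."""
    by_session = defaultdict(list)
    for e in events:
        ident = e.get("userIdentity", {})
        if ident.get("type") != "AssumedRole" or e.get("eventSource") != "s3.amazonaws.com":
            continue
        # Assumed-role ARN layout: arn:aws:sts::<account>:assumed-role/<role>/<session>
        parts = ident.get("arn", "").split("/")
        if len(parts) == 3 and parts[1] in watched_roles:
            when = datetime.strptime(e["eventTime"], "%Y-%m-%dT%H:%M:%SZ")
            by_session[ident["arn"]].append((when, e["eventName"], e["sourceIPAddress"]))
    findings = {}
    for arn, calls in by_session.items():
        calls.sort()
        for listed_at in [t for t, name, _ in calls if name == "ListBuckets"]:
            # GetObject is an S3 data event: present only if data event logging is enabled.
            reads = [ip for t, name, ip in calls
                     if name == "GetObject" and listed_at <= t <= listed_at + window]
            if len(reads) >= min_objects:
                findings[arn] = {"listed_at": listed_at, "objects_read": len(reads),
                                 "source_ips": sorted(set(reads))}
                break
    return findings

if __name__ == "__main__":
    for arn, finding in find_list_then_download(SAMPLE_EVENTS, {"example-WAF-Role"}).items():
        print(arn, finding)
```
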

What misconfiguration of AWS components allowed the attacker to access sensitive data?

  • A misconfiguration of the AWS Web Application Firewall, specif

What are two of the AWS Governance practices that could have prevented such an attack?