Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:
- If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
- Get the official PEASS & HackTricks swag
- Discover The PEASS Family, our collection of exclusive NFTs
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Trusted Advisor is a service that provides recommendations to optimize your AWS account, aligning with AWS best practices. It's a service that operates across multiple regions. Trusted Advisor offers insights in four primary categories:
- Cost Optimization: Suggests how to restructure resources to reduce expenses.
- Performance: Identifies potential performance bottlenecks.
- Security: Scans for vulnerabilities or weak security configurations.
- Fault Tolerance: Recommends practices to enhance service resilience and fault tolerance.
The comprehensive features of Trusted Advisor are exclusively accessible with AWS business or enterprise support plans. Without these plans, access is limited to six core checks, primarily focused on performance and security.
- Trusted Advisor can issue alerts.
- Items can be excluded from its checks.
- Data is refreshed every 24 hours. However, a manual refresh is possible 5 minutes after the last refresh.
Check categories:
- Cost Optimization
- Security
- Fault Tolerance
- Performance
- Service Limits
- S3 Bucket Permissions
Core checks, the only ones available to users without business or enterprise support plans:
- Security Groups - Specific Ports Unrestricted
- IAM Use
- MFA on Root Account
- EBS Public Snapshots
- RDS Public Snapshots
- Service Limits
A list of checks primarily focusing on identifying and rectifying security threats:
- Security group settings for high-risk ports
- Security group unrestricted access
- Open write/list access to S3 buckets
- MFA enabled on root account
- RDS security group permissiveness
- CloudTrail usage
- SPF records for Route 53 MX records
- HTTPS configuration on ELBs
- Security groups for ELBs
- Certificate checks for CloudFront
- IAM access key rotation (90 days)
- Exposure of access keys (e.g., on GitHub)
- Public visibility of EBS or RDS snapshots
- Weak or absent IAM password policies
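A defender-side way to pull the security checks above and audit excluded items, as an added example that is not HackTricks code. `security_findings` and `StubSupport` are hypothetical names and the stub data is constructed; the two client methods are the boto3 `support` client calls, which require a Business or Enterprise support plan.

```python
def security_findings(support, language="en"):
    """Return security checks that are non-OK or have excluded (suppressed) items."""
    findings = []
    for check in support.describe_trusted_advisor_checks(language=language)["checks"]:
        if check["category"] != "security":
            continue
        result = support.describe_trusted_advisor_check_result(
            checkId=check["id"], language=language)["result"]
        flagged = result.get("flaggedResources", [])
        # Excluded items stop counting against the check, so report them
        # separately: an exclusion can hide a real exposure.
        suppressed = [r["resourceId"] for r in flagged if r.get("isSuppressed")]
        active = [r["resourceId"] for r in flagged
                  if not r.get("isSuppressed") and r["status"] in ("warning", "error")]
        if result["status"] in ("warning", "error") or suppressed:
            findings.append({"check": check["name"], "status": result["status"],
                             "active": active, "suppressed": suppressed})
    return findings


class StubSupport:
    """Constructed stand-in for boto3.client("support"); all IDs are made up."""
    CHECKS = [
        {"id": "c1", "category": "security",
         "name": "Security Groups - Specific Ports Unrestricted"},
        {"id": "c2", "category": "security", "name": "MFA on Root Account"},
        {"id": "c3", "category": "security", "name": "EBS Public Snapshots"},
        {"id": "c4", "category": "cost_optimizing", "name": "Constructed cost check"},
    ]
    RESULTS = {
        "c1": {"status": "error", "flaggedResources": [
            {"resourceId": "res-1", "status": "error", "isSuppressed": False},
            {"resourceId": "res-2", "status": "warning", "isSuppressed": True}]},
        "c2": {"status": "ok", "flaggedResources": []},
        "c3": {"status": "ok", "flaggedResources": [
            {"resourceId": "res-3", "status": "error", "isSuppressed": True}]},
        "c4": {"status": "warning", "flaggedResources": []},
    }

    def describe_trusted_advisor_checks(self, language):
        return {"checks": self.CHECKS}

    def describe_trusted_advisor_check_result(self, checkId, language):
        return {"result": self.RESULTS[checkId]}


if __name__ == "__main__":
    # Against a real account, pass boto3.client("support", region_name="us-east-1").
    for finding in security_findings(StubSupport()):
        print(finding)
```

A check that reports `ok` only because its flagged resources were excluded still appears in the output, which is the case worth reviewing first.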
AWS Trusted Advisor acts as a crucial tool in ensuring the optimization, performance, security, and fault tolerance of AWS services based on established best practices.