Difference between revisions of "AWS"

From Ever changing code
 
(20 intermediate revisions by the same user not shown)
== ssh to EC2 instance ==
{{Special:PrefixIndex/AWS/}}
SSH theory using a private and public key
<gallery widths=400px heights=300px>
File:Ssh-pem-pub-keys.png
File:Private-public-key.jpg
</gallery>
===Generate private PEM key and public PUB key on Linux client===
The command below generates a private/public key pair in the current directory. The file without an extension is the private key; run <code>cat mykey</code> to preview it. You will be prompted for a passphrase, which adds an extra layer of security, but it can be skipped by pressing [enter] twice.
<source lang=bash>
ssh-keygen -t rsa
</source>
Change the permissions of the key to read-only by owner, as per [http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EC2_GetStarted.html#EC2_ConnectToInstance_Linux Getting Started with Amazon EC2 Linux Instances]
<source lang=bash>
chmod 400 mykey.pem
-r-------- 1 user user 1766 Aug 18 01:17 mykey.pem
</source>
===Copy public PUB key to the EC2 instance===
Copy the <tt>mykey.pub</tt> public PUB key to the EC2 instance
<source lang=bash>
scp ~/.ssh/mykey.pub ubuntu@ec2-99-99-99-99.compute-1.amazonaws.com:/home/ubuntu/.ssh/
</source>
Append <tt>mykey.pub</tt> to <tt>authorized_keys</tt>; this is known as installing the public key on the server
<source lang=bash>
ssh ubuntu@ec2-99-99-99-99.compute-1.amazonaws.com
# then, on the instance:
cat ~/.ssh/mykey.pub >> ~/.ssh/authorized_keys
</source>
===Connect to the EC2 instance===
*Ubuntu user: ubuntu (confirmed)
*RedHat user: root (tbc)
*Amazon branded instances: ec2-user (to be confirmed)
Connecting. Useful flags: <code>-l username</code> specifies the Linux account user name, <code>-v</code> enables verbose mode
<source lang=bash>
ssh -i mykey.pem ubuntu@ec2-99-99-99-99.compute-1.amazonaws.com
</source>
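An added example, not from the original page: two shell functions for the parts of the procedure above that are easiest to get wrong. <code>key_perms_ok</code> mirrors the check ssh applies to a private key file (no group/other permission bits), and <code>install_pubkey</code> appends the public key only once and sets 700/600 on the <tt>.ssh</tt> directory and <tt>authorized_keys</tt>. The function names are hypothetical, and <code>stat -c</code> assumes GNU coreutils.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical;
# `stat -c` assumes GNU coreutils (Linux client and instance).

# Client side: succeed only if the private key has no group/other permission
# bits. ssh refuses to use a key file that other users can access.
key_perms_ok() {
    mode=$(stat -c '%a' "$1") || return 2
    [ $(( 0$mode & 077 )) -eq 0 ]
}

# Instance side: install a public key into <ssh_dir>/authorized_keys.
# Unlike a bare `cat >> authorized_keys`, this is idempotent and also sets
# the owner-only permissions that sshd's StrictModes check expects.
install_pubkey() {
    pub=$1
    ssh_dir=$2
    # Never let a private key end up on the server by mistake.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "refusing: $pub looks like a private key" >&2
        return 1
    fi
    keyline=$(head -n 1 "$pub")
    [ -n "$keyline" ] || return 1
    mkdir -p "$ssh_dir" || return 1
    chmod 700 "$ssh_dir" || return 1
    auth="$ssh_dir/authorized_keys"
    touch "$auth" || return 1
    chmod 600 "$auth" || return 1
    # -x whole line, -F fixed string: append only if this exact key is absent.
    grep -qxF -- "$keyline" "$auth" || printf '%s\n' "$keyline" >> "$auth"
}

# Usage (paths follow the page's example):
#   client:   key_perms_ok mykey.pem || chmod 400 mykey.pem
#   instance: install_pubkey ~/.ssh/mykey.pub ~/.ssh
```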


=== EC2 Security Group ===
 
Remember to assign the security group that applies to your scheme to your instance. Having a port open on the instance does not mean you will be able to access it from outside: traffic must pass the '''EC2 Security Group''' first. Overview below:
Tools
[[File:Ec2-security-group.png|none|600px|thumb|left|Ec2-security-group]]
*[https://bash-my-aws.org bash-my-aws.org]
*[https://github.com/toniblyx/prowler Prowler] AWS CIS Benchmark Tool
 
 
List all AWS services
<source lang=bash>
curl -s https://awspolicygen.s3.amazonaws.com/js/policies.js | sed '1s/[^=]*=//' | jq . | grep -B1 StringPrefix | grep -v StringPrefix | sed 's/\"//g;s/\-//g;s/: {//g' | grep -v "^$" | sort
    Alexa for Business
    Amazon API Gateway
...
# 219 as of 11/01/2020
</source>
 
[[Category:aws]]

Latest revision as of 10:15, 17 July 2020

