Technical review setup for Amazon Web Services : assessing Amazon cloud computing service configurations

Abstract

This thesis provides a comprehensive technical review setup to audit various Amazon Web Services (AWS) services. The objectives were to describe the functionalities and features of important AWS services and to assess their cost, and security posture through automation and a manual visual auditing process. A thorough examination of official AWS documentation and relevant resources was conducted to gain a comprehensive understanding of the services and their security implications. Automation workflow was then setup to audit the cost and security configurations of the AWS services to identify potential vulnerabilities and misconfigurations with scanning tools. After the completion of the technical review, manual auditing can be conducted by reviewers to identify critical misconfigurations, cost issues, and vulnerabilities from a visual data template. Cloud services at present have hundreds of products and numerous rule sets available, meaning that establishing a functional work environment can be challenging. The simplicity of deploying cloud services can lead to the potential for mistakes, including incorrect configurations and security issues that may result in significant financial losses. Automation workflows are essential to enable the collection and auditing of critical configuration data through a reliable process.