jassecurity.blogg.se

AWS WAF API Gateway

As more organizations have embraced the cloud, new security challenges have arisen, but new security tools have also become available. In this article, we will discuss how to configure and use AWS WAF (Amazon Web Services' Web Application Firewall) to protect web applications and APIs hosted in an AWS cloud environment.

What is AWS WAF?

AWS WAF helps to protect front-end AWS services from various types of attacks and known vulnerabilities. In an AWS environment, your application might be running on EC2 virtual machines or ECS containers, or using serverless services like API Gateway. This means that your web applications or web APIs can be exposed through different endpoints. AWS WAF can block hostile traffic and provide both web application security and API security. Currently it can help in securing these endpoints:

Have you ever had the need to quickly audit the unauthenticated and public exposure of your API Gateway resources to plan an implementation of AWS WAF (Web Application Firewall)? I had, and I needed it to understand which API Gateway endpoints I would like to focus on for our AWS WAF rollout, to minimize the risk of direct external threat / attack for the company I work for. Well, I actually changed my prioritization, as we found that 7% of our API Gateways were not supposed to be public and were exposing us to risk.

It started with my colleague and I needing to do an inventory. We needed to understand our publicly exposed resources that were not protected by an authorization mechanism handled by AWS API Gateway (IAM, API keys, etc.). I quickly decided that we would not spend time on doing an inventory of what authorization each resource is configured with in all the 312 API Gateway endpoints in production. So I started to write a one-liner in bash using AWS CLI v2 (tested on Ubuntu 20.04 and macOS Big Sur) to do that for me. Make sure to change the profile (three times in the one-liner) and add --region if you need to use another one than your default configured.
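The audit described above can be run over the JSON that AWS CLI v2 returns. This is an added example, not the author's one-liner (which this page does not include). It covers REST APIs only and assumes input shaped like the output of `aws apigateway get-rest-apis` and `aws apigateway get-resources --rest-api-id <id> --embed methods`; the function names and the sample data are constructed for illustration.

```python
# Constructed sample data shaped like AWS CLI v2 JSON output (not from a real account).
# REST_APIS mimics `aws apigateway get-rest-apis`; RESOURCES maps each API id to
# `aws apigateway get-resources --rest-api-id <id> --embed methods`.
REST_APIS = {"items": [
    {"id": "exampleapi1", "name": "orders", "endpointConfiguration": {"types": ["REGIONAL"]}},
    {"id": "exampleapi2", "name": "reports", "endpointConfiguration": {"types": ["PRIVATE"]}},
]}
OPEN = {"authorizationType": "NONE", "apiKeyRequired": False}
RESOURCES = {
    "exampleapi1": {"items": [
        {"path": "/"},  # resource with no methods: no resourceMethods entry
        {"path": "/orders", "resourceMethods": {
            "GET": OPEN, "OPTIONS": OPEN,
            "POST": {"authorizationType": "AWS_IAM", "apiKeyRequired": False}}},
        {"path": "/orders/{id}", "resourceMethods": {
            "GET": {"authorizationType": "NONE", "apiKeyRequired": True},
            "DELETE": {"authorizationType": "CUSTOM", "apiKeyRequired": False}}},
    ]},
    "exampleapi2": {"items": [{"path": "/reports", "resourceMethods": {"GET": OPEN}}]},
}


def open_methods(resources, skip_options=True):
    """Return sorted (path, verb) pairs that API Gateway does not authorize itself."""
    found = []
    for res in resources.get("items", []):
        for verb, method in res.get("resourceMethods", {}).items():
            if "authorizationType" not in method:
                # Method settings were not embedded, so "open" cannot be decided.
                raise ValueError(f"{res['path']} {verb}: re-run with --embed methods")
            if skip_options and verb == "OPTIONS":
                continue  # assumption: CORS preflight is unauthenticated by design
            if method["authorizationType"] == "NONE" and not method.get("apiKeyRequired"):
                found.append((res["path"], verb))
    return sorted(found)


def audit(rest_apis, resources_by_api):
    """Map API name -> open methods, skipping PRIVATE (VPC-only) endpoints."""
    report = {}
    for api in rest_apis.get("items", []):
        if "PRIVATE" in api.get("endpointConfiguration", {}).get("types", []):
            continue
        hits = open_methods(resources_by_api.get(api["id"], {}))
        if hits:
            report[api["name"]] = hits
    return report


if __name__ == "__main__":
    print(audit(REST_APIS, RESOURCES))
```

Methods the report lists may still be restricted by a resource policy or by checks in the backend, so treat the output as a shortlist for review and WAF prioritization.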







