Posts

Showing posts from December, 2023

AWS - WAF (Web Application Firewall)

  AWS Web Application Firewall (WAF) filters the HTTP requests that reach a web application. You write rules that allow, block, count, or challenge requests based on conditions such as the source IP address, the request's country of origin, HTTP headers, the request body, or the URI path, and attach them as a web ACL to a resource such as an Application Load Balancer, an API Gateway stage, or a CloudFront distribution. WAF also offers managed protections, including account takeover prevention, which watches an application's login page for credential-stuffing and other unauthorized login attempts. This is different from a network firewall, which sits between internal and external networks and decides on IP addresses, ports, and protocols without seeing the HTTP layer; a WAF sits between external users and the web application and inspects each HTTP request. I already have a website running on an EC2 instance behind an ALB, and I am going to create a WAF rule that denies access to the page from the United States. The web ACL has to be created with REGIONAL scope, in the same region as the ALB. Adding the ALB as the resource in AWS WAF: Creating the rule: The rule responds with status code 400 and a custom response body. Geo matching is decided from the source IP address, so it is a coarse control: a VPN or a proxy in another country changes the result. We are done creating the WAF rule. L...
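The geo-blocking rule described above, expressed as the request bodies boto3 sends to WAFv2, as an added example that is not code from the original post. The ACL name, the ALB ARN, the header name and the custom response text are assumptions; the dictionary shapes are the ones accepted by `wafv2.create_web_acl` and `wafv2.associate_web_acl`. The `with_forwarded_ip` helper covers the case the console wizard hides: when a CDN or reverse proxy sits in front of the ALB, the source address WAF sees is the proxy's, and the rule must read the client IP from a forwarded header instead.

```python
"""Build the WAF web ACL for geo-blocking as boto3 request bodies.

Added example, not code from the original post. The ACL name, the ALB ARN
and the custom response text are assumptions.
"""
import json
import os
import re

# Assumed ALB ARN; replace with the ARN shown on the load balancer's page.
ALB_ARN = ("arn:aws:elasticloadbalancing:us-east-1:123456789012:"
           "loadbalancer/app/demo-alb/0123456789abcdef")

COUNTRY_CODE = re.compile(r"^[A-Z]{2}$")  # ISO 3166-1 alpha-2, as WAF expects


def build_web_acl(name, blocked_countries, response_code=400,
                  body_key="geo-block", metric_name="GeoBlock"):
    """Return the CreateWebACL request body.

    An ALB can only be protected by a REGIONAL web ACL created in the ALB's
    own region (CLOUDFRONT scope is for distributions). The default action
    allows everything; the single rule blocks the listed countries and
    answers with the custom status code and body.
    """
    if not blocked_countries:
        raise ValueError("at least one country code is required")
    for code in blocked_countries:
        if not COUNTRY_CODE.match(code):
            raise ValueError(f"not an ISO 3166-1 alpha-2 code: {code!r}")
    if not 200 <= response_code <= 599:
        raise ValueError("WAF custom responses must use a status from 200 to 599")
    visibility = {
        "SampledRequestsEnabled": True,
        "CloudWatchMetricsEnabled": True,
        "MetricName": metric_name,
    }
    rule = {
        "Name": "block-" + "-".join(c.lower() for c in blocked_countries),
        "Priority": 0,
        "Statement": {"GeoMatchStatement": {"CountryCodes": list(blocked_countries)}},
        "Action": {"Block": {"CustomResponse": {
            "ResponseCode": response_code,
            "CustomResponseBodyKey": body_key,
            "ResponseHeaders": [{"Name": "x-waf-action", "Value": "geo-block"}],
        }}},
        "VisibilityConfig": dict(visibility),
    }
    return {
        "Name": name,
        "Scope": "REGIONAL",
        "DefaultAction": {"Allow": {}},
        "Rules": [rule],
        "VisibilityConfig": dict(visibility, MetricName=name),
        # Bodies are declared once on the ACL and referenced by key from rules.
        "CustomResponseBodies": {body_key: {
            "ContentType": "TEXT_PLAIN",
            "Content": "Requests from your region are not accepted.",
        }},
    }


def with_forwarded_ip(acl, header="X-Forwarded-For"):
    """Make the geo rule read the client IP from a proxy header.

    Behind a CDN or reverse proxy the packet source is the proxy, so every
    request would be classified by the proxy's country. FallbackBehavior
    MATCH treats a missing or malformed header as a match (fail closed).
    """
    for rule in acl["Rules"]:
        geo = rule["Statement"].get("GeoMatchStatement")
        if geo is not None:
            geo["ForwardedIPConfig"] = {"HeaderName": header,
                                        "FallbackBehavior": "MATCH"}
    return acl


def deploy(acl, resource_arn, region="us-east-1"):
    """Create the ACL and attach it to the ALB (needs AWS credentials)."""
    import boto3  # imported here so the rest of the module runs offline
    waf = boto3.client("wafv2", region_name=region)
    created = waf.create_web_acl(**acl)["Summary"]
    waf.associate_web_acl(WebACLArn=created["ARN"], ResourceArn=resource_arn)
    return created["ARN"]


if __name__ == "__main__":
    acl = build_web_acl("block-us-demo", ["US"])
    if os.environ.get("WAF_DEPLOY") == "1":
        print(deploy(acl, ALB_ARN))
    else:
        print(json.dumps(acl, indent=2))
```

Run it without `WAF_DEPLOY=1` to print the request body and compare it with what the console generated; set the variable only when credentials for the ALB's region are in place.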

AWS - VPC Flow Logs

  In this post, we will see what a VPC flow log is and how to capture one for an EC2 instance. VPC Flow Logs capture metadata about the IP traffic going to and from network interfaces in your VPC: addresses, ports, protocol, packet and byte counts, and whether the security group or network ACL accepted or rejected the flow. Flow logs do not capture packet payloads, and some traffic is never logged, such as DNS queries to the Amazon resolver, DHCP, and requests to the instance metadata service. Flow log data can be published to Amazon CloudWatch Logs, Amazon S3, or Amazon Kinesis Data Firehose; after you create a flow log, you retrieve and view the records in the log group, bucket, or delivery stream that you configured. I have an EC2 instance running an HTTP server that delivers static content on port 80. First, I am going to create a CloudWatch log group as the destination for the VPC flow logs. Next, we need an IAM role that the flow log service can assume to create log streams and put log events, and we attach that role to the flow log when we enable capture. With the IAM role and its policy in place, let's proceed with the VPC flow log capture.   Select the EC2 network...
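The procedure above ends where the interesting part starts: reading the records. The following is an added example, not code from the original post. It parses flow log records in the default format, separates the NODATA and SKIPDATA status lines that every stream contains, counts accepted requests to the web server on port 80, and flags a source whose connections were rejected on several ports. The records are constructed, with the account, ENI and addresses made up; the role trust and permissions policies are the documented ones for publishing to CloudWatch Logs.

```python
"""Parse default-format VPC flow log records and summarize them.

Added example, not code from the original post. SAMPLE_RECORDS is
constructed: account, ENI and addresses are made up.
"""
from collections import defaultdict

# Default-format field order (flow log version 2).
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()
NUMERIC = {"srcport", "dstport", "protocol", "packets", "bytes", "start", "end"}

# Constructed sample: one HTTP session (request and reply direction), one
# source probing four ports, and the two non-traffic status lines.
SAMPLE_RECORDS = """\
2 123456789012 eni-0a1b2c3d4e5f60718 203.0.113.10 10.0.1.25 51322 80 6 12 3412 1701388800 1701388859 ACCEPT OK
2 123456789012 eni-0a1b2c3d4e5f60718 10.0.1.25 203.0.113.10 80 51322 6 10 15876 1701388800 1701388859 ACCEPT OK
2 123456789012 eni-0a1b2c3d4e5f60718 198.51.100.7 10.0.1.25 44010 22 6 1 60 1701388800 1701388859 REJECT OK
2 123456789012 eni-0a1b2c3d4e5f60718 198.51.100.7 10.0.1.25 44011 3389 6 1 60 1701388800 1701388859 REJECT OK
2 123456789012 eni-0a1b2c3d4e5f60718 198.51.100.7 10.0.1.25 44012 8080 6 1 60 1701388800 1701388859 REJECT OK
2 123456789012 eni-0a1b2c3d4e5f60718 198.51.100.7 10.0.1.25 44013 443 6 1 60 1701388800 1701388859 REJECT OK
2 123456789012 eni-0a1b2c3d4e5f60718 - - - - - - - 1701388800 1701388859 - NODATA
2 123456789012 eni-0a1b2c3d4e5f60718 - - - - - - - 1701388800 1701388859 - SKIPDATA
"""


def parse_record(line):
    """Return one record as a dict, or None for a malformed line.

    Fields that are '-' (the NODATA/SKIPDATA lines) become None rather
    than raising, because those lines are normal in every log stream.
    """
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    for name in NUMERIC:
        rec[name] = None if rec[name] == "-" else int(rec[name])
    return rec


def summarize(lines, http_port=80, scan_threshold=3):
    """Count accepted HTTP flows and rejects, and list probing sources.

    Only dstport == http_port counts as a request to the web server; the
    reply direction appears as its own record with srcport == http_port.
    """
    accept_http = reject = nodata = skipdata = 0
    rejected_ports = defaultdict(set)
    for line in lines:
        rec = parse_record(line)
        if rec is None:
            continue
        if rec["log_status"] == "NODATA":
            nodata += 1          # no traffic in the window, nothing to read
            continue
        if rec["log_status"] == "SKIPDATA":
            skipdata += 1        # records were dropped; this window is incomplete
            continue
        if rec["action"] == "ACCEPT" and rec["dstport"] == http_port:
            accept_http += 1
        elif rec["action"] == "REJECT":
            reject += 1
            rejected_ports[rec["srcaddr"]].add(rec["dstport"])
    scanners = {src: sorted(ports) for src, ports in rejected_ports.items()
                if len(ports) >= scan_threshold}
    return {"accept_http": accept_http, "reject": reject, "nodata": nodata,
            "skipdata": skipdata, "scanners": scanners}


def flow_log_role_policies():
    """Trust and permissions policies for the role the flow log assumes."""
    trust = {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"Service": "vpc-flow-logs.amazonaws.com"},
        "Action": "sts:AssumeRole",
    }]}
    permissions = {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Action": ["logs:CreateLogGroup", "logs:CreateLogStream",
                   "logs:PutLogEvents", "logs:DescribeLogGroups",
                   "logs:DescribeLogStreams"],
        "Resource": "*",
    }]}
    return trust, permissions


if __name__ == "__main__":
    print(summarize(SAMPLE_RECORDS.splitlines()))
```

A SKIPDATA line deserves attention on its own: it means the window is incomplete, so an absence of REJECT records during that minute proves nothing.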

AWS - S3 with Customer Managed Keys

  In this post, we will see how to create a KMS key and use it as the default encryption key for an S3 bucket, and what happens when uploading an object with no encryption header, with the default S3-managed key (SSE-S3), and with the KMS key we created (SSE-KMS). Let's create a KMS key. Now that we have the key, let's use it for the bucket's default encryption. Now that we have the bucket, we update the bucket policy as below and try to upload an object. The policy denies s3:PutObject when the s3:x-amz-server-side-encryption condition key, which S3 takes from the request header, is not "AES256". Uploading with the default S3 encryption key fails, so we are using AWS KMS. To upload objects with the customer managed key, we need to update the policy as below so that it requires "aws:kms" instead. Let's upload again. It works. Two points to keep in mind: the bucket policy only constrains the request, so also pin the key with the s3:x-amz-server-side-encryption-aws-kms-key-id condition key, and the uploader still needs kms:GenerateDataKey on the key (and kms:Decrypt to read objects back), granted through the key policy or IAM.
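The two bucket policies from the walk-through, with a small evaluator showing which uploads each one rejects, as an added example that is not code from the original post. The bucket name and key ARN are assumptions. The evaluator models only the Deny statements and the condition operators used here (StringNotEquals, Null); it illustrates the policy logic and is not a reimplementation of IAM evaluation, which is why the corrected policy carries an explicit Null check for a missing header rather than relying on how a negated operator treats an absent key.

```python
"""Bucket policies requiring SSE-S3 or a specific customer managed key,
plus a simplified evaluator for PutObject requests.

Added example, not code from the original post. BUCKET and KEY_ARN are
assumptions; UPLOADS is a constructed set of request headers.
"""
import json

BUCKET = "demo-cmk-bucket"                                   # assumed
KEY_ARN = ("arn:aws:kms:us-east-1:123456789012:key/"
           "11111111-2222-3333-4444-555555555555")           # assumed
SSE = "s3:x-amz-server-side-encryption"
SSE_KEY = "s3:x-amz-server-side-encryption-aws-kms-key-id"


def _deny(sid, bucket, condition):
    return {"Sid": sid, "Effect": "Deny", "Principal": "*",
            "Action": "s3:PutObject",
            "Resource": f"arn:aws:s3:::{bucket}/*", "Condition": condition}


def policy_require_sse_s3(bucket):
    """The first policy: reject PutObject unless the request asks for
    SSE-S3 (AES256). An upload that asks for SSE-KMS is refused."""
    return {"Version": "2012-10-17", "Statement": [
        _deny("DenyNotAES256", bucket, {"StringNotEquals": {SSE: "AES256"}}),
    ]}


def policy_require_cmk(bucket, key_arn):
    """The corrected policy: require SSE-KMS, require the header to be
    present at all, and pin uploads to one customer managed key so a
    caller cannot substitute a key of their own."""
    return {"Version": "2012-10-17", "Statement": [
        _deny("DenyNotKMS", bucket, {"StringNotEquals": {SSE: "aws:kms"}}),
        _deny("DenyMissingHeader", bucket, {"Null": {SSE: "true"}}),
        _deny("DenyOtherKey", bucket, {"StringNotEquals": {SSE_KEY: key_arn}}),
    ]}


def _condition_holds(operator, key, expected, headers):
    """Evaluate one condition against the request headers (simplified)."""
    present = key in headers
    if operator == "Null":
        # "true" means: holds when the key is absent from the request.
        return present != (expected == "true")
    if operator == "StringEquals":
        return present and headers[key] == expected
    if operator == "StringNotEquals":
        # Simplification: an absent key is treated as not matching; the
        # explicit Null statement covers the missing-header case.
        return present and headers[key] != expected
    raise ValueError(f"operator not modelled: {operator}")


def put_object_allowed(policy, headers):
    """True if no Deny statement matches. Nothing is granted here; the
    caller still needs an Allow for s3:PutObject and kms:GenerateDataKey."""
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Deny":
            continue
        matched = all(
            _condition_holds(op, key, expected, headers)
            for op, pairs in stmt["Condition"].items()
            for key, expected in pairs.items()
        )
        if matched:
            return False
    return True


# Constructed requests: the headers S3 derives the condition keys from.
UPLOADS = {
    "no header":        {},
    "sse-s3":           {SSE: "AES256"},
    "sse-kms, our key": {SSE: "aws:kms", SSE_KEY: KEY_ARN},
    "sse-kms, other":   {SSE: "aws:kms", SSE_KEY: KEY_ARN.replace("1111", "9999")},
}


def outcomes(policy):
    """Map each constructed upload to whether the policy lets it through."""
    return {name: put_object_allowed(policy, h) for name, h in UPLOADS.items()}


if __name__ == "__main__":
    print(json.dumps(policy_require_cmk(BUCKET, KEY_ARN), indent=2))
    print("sse-s3 policy:", outcomes(policy_require_sse_s3(BUCKET)))
    print("cmk policy   :", outcomes(policy_require_cmk(BUCKET, KEY_ARN)))
```

The third statement is the one the console wizard does not write for you: without it, any principal who can put objects can encrypt them under a key of their choosing, and your key's policy no longer governs who can read them back.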