Penetration Testing on AWS Cloud

• AWS customers are welcome to carry out security assessments or penetration tests against their AWS infrastructure without prior approval for 8 services:

  • Amazon EC2 instances, NAT Gateways, and Elastic Load Balancers

  • Amazon RDS

  • Amazon CloudFront

  • Amazon Aurora

  • Amazon API Gateways

  • AWS Lambda and Lambda Edge functions

  • Amazon Lightsail resources

  • Amazon Elastic Beanstalk environments

• The list can grow over time (you won’t be tested on that in the exam)

• Prohibited Activities

  • DNS zone walking via Amazon Route 53 Hosted Zones

  • Denial of Service (DoS), Distributed Denial of Service (DDoS), Simulated DoS, Simulated DDoS

  • Port flooding

  • Protocol flooding

  • Request flooding (login request flooding, API request flooding)

• For any other simulated events, contact aws-security-simulated-event@amazon.com

• Read more: https://aws.amazon.com/security/penetration-testing/
