Summary
In this chapter, we designed and prepared our first intentionally vulnerable lab environment in the cloud. We started by creating an empty S3 bucket using the AWS Management Console. After that, we configured the bucket for static website hosting. We also modified the access control settings of the S3 bucket and allowed other authenticated AWS users to list and retrieve objects from our bucket. To complete the setup, we uploaded sample files to our S3 bucket.
We proceeded by testing our setup by inspecting and verifying the S3 bucket’s security configuration using a series of steps, which included several terminal commands. After confirming that we could download files from the S3 bucket using a second AWS account (not used to create the bucket), we proceeded with downloading and inspecting all the files stored in the bucket. Finally, we wrapped things up by cleaning up and deleting the resources we created in this chapter.
In the next chapter, we will focus on...
