
New to this, and new to AWS in general.
Currently reviewing the profiles in the S3 bucket to identify which ones can be deleted.

It is not easy to identify whom it belongs to, as it's a SHA256-generated code.

Is there an easy way to identify what is the email hidden behind it? Otherwise, I need to convert a lot of emails to hash and compare that way ... long process.

Kindly note, not an expert in AWS, a newbie rather.

BiMi
  • Whatever you've done is custom, not AWS standard, you'll have to find the code doing this and look at how it works. – Tim Nov 17 '22 at 18:03
  • Oh, so you are saying the SHA256 was created cos somebody decided that way? I know that converting a user's email to SHA256 will generate the code and then have to manually compare it. Considering there are over 100 of such codes... can you imagine the workload? Hence, if there is a way via AWS CLI to say "ok, show me the owner/email of this profile" – BiMi Nov 18 '22 at 09:38
  • Matter of fact, when downloading the profile.vhdx file and opening with notepad, I can then find the usera@domain.com email address pointing to the user's account. Again, this is still a lot of manual process .... :/ – BiMi Nov 18 '22 at 09:39
  • Again, someone set this up as a custom piece of code. AWS has no knowledge of what you store in the bucket. A couple of scripts should make this a small job. – Tim Nov 18 '22 at 09:54
  • Thanks Tim, may you point me in the right direction and explain what the scripting involves? Would appreciate your assistance – BiMi Nov 18 '22 at 15:43
  • Some kind of script to hash the profile names and output profile name vs sha, another that takes the sha code from "s3 ls" and matches them up. You could even tag the S3 objects with the user name, but that would defeat the purpose of the obfuscation. – Tim Nov 18 '22 at 19:41
  • ... not sure how. – BiMi Nov 21 '22 at 08:07
  • Best hire someone – Tim Nov 21 '22 at 08:48
  • ohhh that's an amazing suggestion ... hah – BiMi Nov 21 '22 at 10:56
  • We can't teach you scripting. On SF we can help you understand a specific issue so you can work the rest out yourself. The situation you have is someone wrote some code that puts files on S3, it's not well documented, and you're trying to understand it. Given the lack of documentation you will need to reverse engineer it. The simplest way forward for you is probably to individually hash the email addresses of people who have left the company then manually match that to the S3 bucket. Alternately a lifecycle policy for archiving old data to reduce costs. – Tim Nov 21 '22 at 17:43
  • Indeed ... a lifecycle would solve it, just raised another question on that, hoping there is some guide on that part in how to create a lifecycle policy to delete profiles in S3 buckets IF not utilised/accessed over 3 months. – BiMi Nov 22 '22 at 15:09
  • As for the hashing ... not aware that there is a script to hash it and really why it was requested to be hashed? Maybe cos of the URL generated when calling for the AppStream session? Hmmmm, I don't know nor am I aware how it was set up. If lifecycle can delete them after a particular time then it would save the time indeed. – BiMi Nov 22 '22 at 15:10
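
The matching approach described in the comments, as an added example that is not part of the original thread: it hashes a list of known email addresses and compares them with the folder names in `aws s3 ls` output. It assumes the folder name is the hex SHA-256 of the email address; the helper names, the sample addresses and the sample listing are constructed for illustration.

```python
import hashlib
import re

# A prefix ("folder") line of `aws s3 ls`, e.g. "        PRE <64 hex chars>/"
PRE_LINE = re.compile(r"^\s*PRE\s+([0-9a-f]{64})/\s*$")

def email_hash(email: str) -> str:
    """Assumption: folder name = hex SHA-256 of the UTF-8 email address."""
    return hashlib.sha256(email.encode("utf-8")).hexdigest()

def parse_prefixes(ls_output: str) -> list[str]:
    """Extract the hashed folder names; object lines and other text are skipped."""
    return [m.group(1) for line in ls_output.splitlines()
            if (m := PRE_LINE.match(line))]

def match_profiles(emails, ls_output):
    """Return ({folder_hash: email}, [folder hashes with no known owner])."""
    lookup = {}
    for email in emails:
        email = email.strip()
        # The casing used when the folders were created is unknown,
        # so try the address as typed and lowercased.
        for candidate in (email, email.lower()):
            lookup.setdefault(email_hash(candidate), email)
    prefixes = parse_prefixes(ls_output)
    matched = {p: lookup[p] for p in prefixes if p in lookup}
    unmatched = [p for p in prefixes if p not in lookup]
    return matched, unmatched

# Constructed sample data: in practice, export the addresses from your
# directory and capture the listing with `aws s3 ls s3://<bucket>/<path>/`.
KNOWN_EMAILS = ["usera@domain.com", "UserB@domain.com"]
SAMPLE_LS = "\n".join([
    f"                           PRE {email_hash('usera@domain.com')}/",
    f"                           PRE {email_hash('userb@domain.com')}/",
    f"                           PRE {'0' * 64}/",  # no known owner
    "2022-11-17 18:03:00          0 readme.txt",
])

if __name__ == "__main__":
    matched, unmatched = match_profiles(KNOWN_EMAILS, SAMPLE_LS)
    for folder, owner in matched.items():
        print(f"{folder}  {owner}")
    for folder in unmatched:
        print(f"{folder}  (no match in email list)")
```

A folder with no match only means its owner is not in the supplied list or the hashing assumption is wrong for that folder, so confirm the owner another way before deleting it.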

0 Answers