Stack Overflow
Stack Overflow

Questions tagged [cloud-security]

Not a stand alone tag. Use with any relevant language, technology, project type or specific security tags. For questions related to the programming aspect of security in cloud computing. For security questions that are not specific to coding, consider looking at https://security.stackexchange.com/.

Not a stand alone tag. Use with any relevant language, technology, project type or specific security tags. For questions related to the programming aspect of security in .

For security questions that are not specific to coding, consider looking at Information Security Stack Exchange.

35 questions
0
votes
2 answers

How to use non-default Google Service Account credentials with SecretManagerService in Google Cloud Function?

How do I pass non-default Google Service Account credentials to SecretManagerService or SecretManagerServiceClient in Google Cloud Function production environment? Docs are here. When running locally I can use from google.oauth2.service_account…
d3f2
  • 87
  • 6
0
votes
0 answers

S3 bucket: Restrict access

I'm trying to restrict access to a set of buckets using boto3. Consider that I'm dealing with around 200 buckets and that I have to create a rollback solution to undo the changes that I will make in case it affects a critical bucket. My plan so far…
Kaio H. Cunha
  • 211
  • 2
  • 10
0
votes
0 answers

Which powershell module does the Get-PrivacyManagementRule command fall in?

I've been trying to figure out how a few security settings in M365 tenant can be configured via Powershell. I was looking into Privacy Management in the admin console which has a bunch of settings I required, for eg- data retention period for…
Prakhar Athreya
  • 1
0
votes
1 answer

AWS Pen test - vulnerability scanning

I am trying to find out if it is correct to say that - In AWS we can only perform vulnerability scanning for EC2 instances. From my research, it seems like there can be pen tests on other AWS services, but vulnerability scanning seems to be focused…
Bokambo
  • 4,204
  • 27
  • 79
  • 130
0
votes
0 answers

Guardduty not able to detect attacks outside the Aws

I am trying to test guardduty by pulling off a brute force attack on Windows target ec2 host from my local windows machine (outside aws) using RDP. What i can see is there are no finding getting created on guardduty console even though i tried…
jayendra bhatt
  • 1,337
  • 2
  • 19
  • 41
0
votes
2 answers

How To Export GCP Security Command Center Findings To BigQuery?

Similar to this: How to export GCP's Security Center Assets to a Cloud Storage via cloud Function? I need to export the Findings as seen in the Security Command Center to BigQuery so we can easily filter the data we need and generate custom…
RobTheRobot16
  • 323
  • 4
  • 24
0
votes
1 answer

Google Cloud Function 403 for internal authenticated requests

I am calling a cloud function from within my GCP project. I receive 403 (Permission Denied) when the function is configured with Allow internal traffic only,…
Boris Kjaer
  • 40
  • 6
0
votes
1 answer

Google cloud load balancer dynamically adding backend buckets

Goal: For example, users could create courses which has resources such as images, videos etc. I want to restrict access to them using signed cookies. i.e. resources on /courses/1 will only be accessible to logged-in users who have a valid signed…
clouddreams
  • 622
  • 1
  • 4
  • 13
0
votes
1 answer

GCP create organization from command line or through API

Is there a way to create organizations programmatically in GCP using gcloud command or an API. I have several small orgs under which there are departments and then teams and finally products(projects). I wanted to have clean inheritance for security…
user1614862
  • 3,701
  • 7
  • 29
  • 46
0
votes
1 answer

User in an EC2 instance that’s assigned a S3 full access role can’t access S3

The EC2 instance has an IAM role assigned to it allowing it the full access to S3. I think this would allow any user in that instance to access S3, like issuing command aws s3 ls. But it turns out that only the default ec2-user and root(using sudo)…
xczzhh
  • 658
  • 1
  • 8
  • 22
0
votes
1 answer

xss-attack took place in our webapp hosted in Azure. How to find the IP address of the attacker Machine?

Our webapp had a XSS attack today and i work in the monitoring team. My client want to confirm the IP address of the attacker. How to find the IP address of the attacker machine.
Rahmn Shaik
  • 3
  • 1
0
votes
1 answer

Unable to Clone CloudGoat from RhinoSecurityLabs

I am trying to install the Rhino Security Labs CloudGoat on my AWS Ubuntu 18.04 LTS Free-tier EC2 instance. I followed the directions for setting up an admin user and configuring the AWS CLI and also set up terraform v0.12 per the directions in the…
Nemesis
  • 150
  • 4
  • 15
0
votes
1 answer

Security benchmarks for google cloud

Do we have any open source security benchmarks for Google cloud apart from CIS benchmarks? Generally how pen-testing is done for Cloud infrastructure?
crewy_stack
  • 530
  • 3
  • 14
0
votes
1 answer

How to manage certificate, truststore and keystore key files in a Java project

I am accessing a database in the cloud. In their "How To" page, it is mentioned that you can put these ca.pem and service.key files in your local path. In my Spring boot project, in application properties, I have put :…
ErEcTuS
  • 777
  • 1
  • 14
  • 33
0
votes
1 answer

QnAmaker Knowledgebase Privacy and Security

Is there a way to identify the knowledgebase that we have created is not vulnerable and open for security threat? Can someone else break into the existing Knowledgebase and access our inhouse documents? We are keen to know about this so that we need…
Albert
  • 1
1
2
3