Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

To Prevent unauthorized user in EC2 to send out email via unauthorized SES credential

0

Dear All,

I am researching how to prevent unauthorized users logged into EC2 server and send out email out using his SES smtp user account and email address? I was thinking to disable those common port in the firewall rules?

Any one like to help to provide more solutions on it?

Themen
KalkulationFrontend-Web & MobileGeschäftsanwendungen
Tags
Amazon EC2Amazon Simple Email Service
Sprache
English
McDs23
gefragt vor 8 Monaten229 Aufrufe
3 Antworten
0

An unauthorized User access one EC2 in Environment A and send out email via SES using email-smtp.ap-southeast-1.amazonaws.com. The credential account and verified identities belong to the authorized users AWS SES account.

How to prevent it?

McDs23
beantwortet vor 8 Monaten
0

Put EC2 Instance into private Subnet, use SSM to connect to the instance instead of putting it on the public network, add least privileges to the IAM Role which is attached to the instance. Restrict access to SES using SCPs.

https://docs.aws.amazon.com/de_de/systems-manager/latest/userguide/ssm-agent.html https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html

profile picture
David
beantwortet vor 8 Monaten
0

Coming from a last week security aws workshop, I would recommend to ll oil into Guardduty and integration with security hub https://docs.aws.amazon.com/guardduty/latest/ug/securityhub-integration.html

profile picture
EXPERTE
Antonio_Lagrotteria
beantwortet vor 8 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt