AWS AppSync Penetration Test

0

Hi all,

We have a running AppSync application that uses DynamoDB, Lambda and S3. Our client is requesting for the AppSync URL to run 3rd party penetration tests.

Based on the security docs (https://aws.amazon.com/security/penetration-testing/), we are not allowed to run pen tests on AppSync, DynamoDB and S3. My question is, how can we go about running the pen tests on our AppSync Application?

Thanks!

Topics

Serverless Front-End Web & Mobile Application Integration

Tags

Language

English

asked 5 years ago462 views

2 Answers

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

0

You can request the inclusion of additional services by following the link in the "Customer Service Policy for Pen Testing" section.

Regards,
Rohan

AWS-User-6514131

answered 5 years ago

0

Thanks! Will do!

Do you have any idea how long that might take?

answered 5 years ago

Relevant content

How is Cloud Web Application Penetration Test Different from Conventional testing
AWS-User-6409236
asked 2 years ago
AWS Penetration Testing
dannyb
asked 3 months ago
Feature request: Support for DynamoDB Transactions in AppSync
Accepted Answer
OGDev
asked 5 years ago
Unauthorized running AppSync Query
Accepted Answer
vikram-s
asked a month ago
How do I run security assessments or penetration tests on AWS?
AWS OFFICIALUpdated a year ago
How do I troubleshoot "Unauthorized" errors when running GraphQL requests in AWS AppSync?
AWS OFFICIALUpdated 2 years ago
How do I configure an AWS AppSync schema to handle nested JSON data in DynamoDB?
AWS OFFICIALUpdated 2 years ago
How do I use AWS AppSync to access private resources in my VPC?
AWS OFFICIALUpdated 2 years ago
Private, cross-account GraphQL APIs with AppSync Merged APIs
EXPERT
Antonio_Lagrotteria
published 10 months ago
Use AWS Client VPN to access workloads running on VMware Cloud on AWS
EXPERT
Sawab Ahmed
published 6 months ago