Questions tagged with AWS Account Management

Content language: English

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

AWS account compromised. Help stopping services

I am hoping that someone can please help me. I signed up to AWS Free Tier in February to follow a AWS course. After not using AWS for many months, I received a notification of a charge for a service called Lightsail. I quickly located and deleted the instance (I never started this service). I notified support by logging a support ticket. I reset my Password and setup 2FA but new charges keep appearing on my account. In November it was only Lightsail but in December, every 2 days there is a new charge on my Bill. At the moment, these charges other than Lightsail are showing up as $0. Unlike Lightsail I cannot find any other services running and I am unable to stop them. Everyday there are new requests and new API requests for Services such as CodeArtifact, Data Transfer, Service Catalog from multiple Regions but I do not know how to stop them. I have contacted Support but there are waiting to hear back from the service team. So far, after few days I have been told that my account was compromised. Can someone please help me stop these. Here is the bill: Details AWS Service Charges $7.91 $0.00 CodeArtifact $0.00 Asia Pacific (Mumbai) AWS CodeArtifact APS3-Requests $0.00 ________________________________________ $0.0 per Request - request under the monthly free tier 8.000 Requests $0.00 $0.00 Asia Pacific (Singapore) AWS CodeArtifact APS1-Requests $0.00 ________________________________________ $0.0 per Request - request under the monthly free tier 6.000 Requests $0.00 $0.00 Asia Pacific (Sydney) AWS CodeArtifact APS2-Requests $0.00 ________________________________________ $0.0 per Request - request under the monthly free tier 6.000 Requests $0.00 $0.00 Asia Pacific (Tokyo) AWS CodeArtifact APN1-Requests $0.00 ________________________________________ $0.0 per Request - request under the monthly free tier 6.000 Requests $0.00 $0.00 EU (Frankfurt) AWS CodeArtifact EUC1-Requests $0.00 ________________________________________ $0.0 per Request - request under the monthly free tier 4.000 Requests $0.00 $0.00 EU (Ireland) AWS CodeArtifact EU-Requests $0.00 ________________________________________ $0.0 per Request - request under the monthly free tier 4.000 Requests $0.00 $0.00 EU (London) AWS CodeArtifact EUW2-Requests $0.00 ________________________________________ $0.0 per Request - request under the monthly free tier 7.000 Requests $0.00 $0.00 EU (Paris) AWS CodeArtifact EUW3-Requests $0.00 ________________________________________ $0.0 per Request - request under the monthly free tier 4.000 Requests $0.00 $0.00 EU (Stockholm) AWS CodeArtifact EUN1-Requests $0.00 ________________________________________ $0.0 per Request - request under the monthly free tier 4.000 Requests $0.00 $0.00 US East (N. Virginia) AWS CodeArtifact USE1-Requests $0.00 ________________________________________ $0.0 per Request - request under the monthly free tier 7.000 Requests $0.00 $0.00 US East (Ohio) AWS CodeArtifact USE2-Requests $0.00 ________________________________________ $0.0 per Request - request under the monthly free tier 6.000 Requests $0.00 $0.00 US West (Oregon) AWS CodeArtifact USW2-Requests $0.00 ________________________________________ $0.0 per Request - request under the monthly free tier 6.000 Requests $0.00 $0.00 Data Transfer $0.00 Asia Pacific (Mumbai) Bandwidth $0.00 ________________________________________ $0.000 per GB - data transfer out under the monthly global free tier 0.000000030 GB $0.00 $0.00 EU (London) Bandwidth $0.00 ________________________________________ $0.000 per GB - data transfer out under the monthly global free tier 0.000000020 GB $0.00 $0.00 US East (N. Virginia) AWS Data Transfer USE1-CAN1-AWS-Out-Bytes $0.00 ________________________________________ $0.02 per GB - US East (Northern Virginia) data transfer to Canada (Central) 0.000000220 GB $0.00 AWS Data Transfer USE1-EUC1-AWS-Out-Bytes $0.00 ________________________________________ $0.02 per GB - US East (Northern Virginia) data transfer to EU (Germany) 0.000000220 GB $0.00 AWS Data Transfer USE1-EUN1-AWS-Out-Bytes $0.00 ________________________________________ USD 0.02 per GB for EUN1-AWS-Out-Bytes in EU (Stockholm) 0.000000220 GB $0.00 AWS Data Transfer USE1-EUW2-AWS-Out-Bytes $0.00 ________________________________________ $0.02 per GB - US East (Northern Virginia) data transfer to EU (London) 0.000000220 GB $0.00 AWS Data Transfer USE1-EUW3-AWS-Out-Bytes $0.00 ________________________________________ $0.02 per GB - US East (Northern Virginia) data transfer to EU (Paris) 0.000000220 GB $0.00 AWS Data Transfer USE1-SAE1-AWS-Out-Bytes $0.00 ________________________________________ $0.02 per GB - US East (Northern Virginia) data transfer to South America (Sao Paulo) 0.000000260 GB $0.00 AWS Data Transfer USE1-USW1-AWS-Out-Bytes $0.00 ________________________________________ $0.02 per GB - US East (Northern Virginia) data transfer to US West (Northern California) 0.000000260 GB $0.00 Bandwidth $0.00 ________________________________________ $0.000 per GB - data transfer out under the monthly global free tier 0.000000020 GB $0.00 $0.00 Key Management Service $0.00 Asia Pacific (Mumbai) AWS Key Management Service ap-south-1-KMS-Requests $0.00 ________________________________________ $0.00 per request - Monthly Global Free Tier for KMS requests 1.000 Requests $0.00 $0.00 Asia Pacific (Seoul) AWS Key Management Service ap-northeast-2-KMS-Requests $0.00 ________________________________________ $0.00 per request - Monthly Global Free Tier for KMS requests 1.000 Requests $0.00 $0.00 Asia Pacific (Singapore) AWS Key Management Service ap-southeast-1-KMS-Requests $0.00 ________________________________________ $0.00 per request - Monthly Global Free Tier for KMS requests 1.000 Requests $0.00 $0.00 Asia Pacific (Sydney) AWS Key Management Service ap-southeast-2-KMS-Requests $0.00 ________________________________________ $0.00 per request - Monthly Global Free Tier for KMS requests 1.000 Requests $0.00 $0.00 Asia Pacific (Tokyo) AWS Key Management Service ap-northeast-1-KMS-Requests $0.00 ________________________________________ $0.00 per request - Monthly Global Free Tier for KMS requests 1.000 Requests $0.00 $0.00 Canada (Central) AWS Key Management Service ca-central-1-KMS-Requests $0.00 ________________________________________ $0.00 per request - Monthly Global Free Tier for KMS requests 1.000 Requests $0.00 $0.00 EU (Frankfurt) AWS Key Management Service eu-central-1-KMS-Requests $0.00 ________________________________________ $0.00 per request - Monthly Global Free Tier for KMS requests 1.000 Requests $0.00 $0.00 EU (Ireland) AWS Key Management Service eu-west-1-KMS-Requests $0.00 ________________________________________ $0.00 per request - Monthly Global Free Tier for KMS requests 1.000 Requests $0.00 $0.00 EU (London) AWS Key Management Service eu-west-2-KMS-Requests $0.00 ________________________________________ $0.00 per request - Monthly Global Free Tier for KMS requests 1.000 Requests $0.00 $0.00 EU (Paris) AWS Key Management Service eu-west-3-KMS-Requests $0.00 ________________________________________ $0.00 per request - Monthly Global Free Tier for KMS requests 1.000 Requests $0.00 $0.00 EU (Stockholm) AWS Key Management Service eu-north-1-KMS-Requests $0.00 ________________________________________ $0.00 per request - Monthly Global Free Tier for KMS requests 1.000 Requests $0.00 $0.00 South America (Sao Paulo) AWS Key Management Service sa-east-1-KMS-Requests $0.00 ________________________________________ $0.00 per request - Monthly Global Free Tier for KMS requests 1.000 Requests $0.00 $0.00 US East (N. Virginia) AWS Key Management Service us-east-1-KMS-Requests $0.00 ________________________________________ $0.00 per request - Monthly Global Free Tier for KMS requests 2.000 Requests $0.00 $0.00 US East (Ohio) AWS Key Management Service us-east-2-KMS-Requests $0.00 ________________________________________ $0.00 per request - Monthly Global Free Tier for KMS requests 1.000 Requests $0.00 $0.00 US West (N. California) AWS Key Management Service us-west-1-KMS-Requests $0.00 ________________________________________ $0.00 per request - Monthly Global Free Tier for KMS requests 1.000 Requests $0.00 $0.00 US West (Oregon) AWS Key Management Service us-west-2-KMS-Requests $0.00 ________________________________________ $0.00 per request - Monthly Global Free Tier for KMS requests 1.000 Requests $0.00 $6.59 Lightsail $0.00 Global Amazon Lightsail USE1-TotalDataXfer-In-Bytes $0.00 ________________________________________ $0.00 / GB - data transfer in 35.431 GB $0.00 $6.59 US East (N. Virginia) Amazon Lightsail Bundle:16GB $6.59 ________________________________________ $0.1613 / Hour of 16GB bundle Instance (Windows) 40.844 Hrs $6.59 Amazon Lightsail USE1-TotalDataXfer-Out-Bytes $0.00 ________________________________________ $0.00 / GB - data transfer out for US East (N. Virginia) 1.484 GB $0.00 $0.00 Secrets Manager $0.00 Asia Pacific (Mumbai) AWS Secrets Manager APS3-AWSSecretsManagerAPIRequest $0.00 ________________________________________ $0 per 10000 API Requests 1.000 API Requests $0.00 $0.00 Asia Pacific (Osaka) AWS Secrets Manager APN3-AWSSecretsManagerAPIRequest $0.00 ________________________________________ $0 per 10000 API Requests 1.000 API Requests $0.00 $0.00 Asia Pacific (Seoul) AWS Secrets Manager APN2-AWSSecretsManagerAPIRequest $0.00 ________________________________________ $0 per 10000 API Requests 1.000 API Requests $0.00 $0.00 Asia Pacific (Singapore) AWS Secrets Manager APS1-AWSSecretsManagerAPIRequest $0.00 ________________________________________ $0 per 10000 API Requests 1.000 API Requests $0.00 $0.00 Asia Pacific (Sydney) AWS Secrets Manager APS2-AWSSecretsManagerAPIRequest $0.00 ________________________________________ $0 per 10000 API Requests 1.000 API Requests $0.00 $0.00 Asia Pacific (Tokyo) AWS Secrets Manager APN1-AWSSecretsManagerAPIRequest $0.00 ________________________________________ $0 per 10000 API Requests 1.000 API Requests $0.00 $0.00 Canada (Central) AWS Secrets Manager CAN1-AWSSecretsManagerAPIRequest $0.00 ________________________________________ $0 per 10000 API Requests 2.000 API Requests $0.00 $0.00 EU (Frankfurt) AWS Secrets Manager EUC1-AWSSecretsManagerAPIRequest $0.00 ________________________________________ $0 per 10000 API Requests 1.000 API Requests $0.00 $0.00 EU (Ireland) AWS Secrets Manager EU-AWSSecretsManager-APIRequests $0.00 ________________________________________ $0 per 10000 API Requests 1.000 API Requests $0.00 $0.00 EU (London) AWS Secrets Manager EUW2-AWSSecretsManagerAPIRequest $0.00 ________________________________________ $0 per 10000 API Requests 2.000 API Requests $0.00 $0.00 EU (Paris) AWS Secrets Manager EUW3-AWSSecretsManagerAPIRequest $0.00 ________________________________________ $0 per 10000 API Requests 2.000 API Requests $0.00 $0.00 EU (Stockholm) AWS Secrets Manager EUN1-AWSSecretsManagerAPIRequest $0.00 ________________________________________ $0 per 10000 API Requests 2.000 API Requests $0.00 $0.00 South America (Sao Paulo) AWS Secrets Manager SAE1-AWSSecretsManagerAPIRequest $0.00 ________________________________________ $0 per 10000 API Requests 2.000 API Requests $0.00 $0.00 US East (N. Virginia) AWS Secrets Manager USE1-AWSSecretsManagerAPIRequest $0.00 ________________________________________ $0 per 10000 API Requests 2.000 API Requests $0.00 $0.00 US East (Ohio) AWS Secrets Manager USE2-AWSSecretsManagerAPIRequest $0.00 ________________________________________ $0 per 10000 API Requests 1.000 API Requests $0.00 $0.00 US West (N. California) AWS Secrets Manager USW1-AWSSecretsManagerAPIRequest $0.00 ________________________________________ $0 per 10000 API Requests 2.000 API Requests $0.00 $0.00 US West (Oregon) AWS Secrets Manager USW2-AWSSecretsManagerAPIRequest $0.00 ________________________________________ $0 per 10000 API Requests 1.000 API Requests $0.00 $0.00 Service Catalog $0.00 Asia Pacific (Mumbai) AWS Service Catalog APS3-AR-App-API-Calls $0.00 ________________________________________ $0.00 per API Calls for AppRegisty Application API-Calls in Asia Pacific (Mumbai) 3.000 API Calls $0.00 $0.00 EU (London) AWS Service Catalog EUW2-AR-App-API-Calls $0.00 ________________________________________ $0.00 per API Calls for AppRegisty Application API-Calls in EU (London) 1.000 API Calls $0.00 $0.00 EU (Paris) AWS Service Catalog EUW3-AR-App-API-Calls $0.00 ________________________________________ $0.00 per API Calls for AppRegisty Application API-Calls in EU (Paris) 4.000 API Calls $0.00 $0.00 US East (N. Virginia) AWS Service Catalog USE1-AR-App-API-Calls $0.00 ________________________________________ $0.00 per API Calls for AppRegisty Application API-Calls in US East (N. Virginia) 25.000 API Calls $0.00 AWS Service Catalog USE1-SC-API-Calls $0.00 ________________________________________ $0.00 per API Calls for SC-API-Calls in US East (N. Virginia) - Free Tier 12.000 API Calls $0.00 $0.00 US East (Ohio) AWS Service Catalog USE2-AR-App-API-Calls $0.00 ________________________________________ $0.00 per API Calls for AppRegisty Application API-Calls in US East (Ohio) 1.000 API Calls $0.00 $0.00 Simple Notification Service $0.00 Asia Pacific (Mumbai) Amazon Simple Notification Service APS3-Requests-Tier1 $0.00 ________________________________________ First 1,000,000 Amazon SNS API Requests per month are free 2.000 Requests $0.00 $0.00 Asia Pacific (Seoul) Amazon Simple Notification Service APN2-Requests-Tier1 $0.00 ________________________________________ First 1,000,000 Amazon SNS API Requests per month are free 2.000 Requests $0.00 $0.00 Asia Pacific (Singapore) Amazon Simple Notification Service APS1-Requests-Tier1 $0.00 ________________________________________ First 1,000,000 Amazon SNS API Requests per month are free 2.000 Requests $0.00 $0.00 Asia Pacific (Sydney) Amazon Simple Notification Service APS2-Requests-Tier1 $0.00 ________________________________________ First 1,000,000 Amazon SNS API Requests per month are free 2.000 Requests $0.00 $0.00 Asia Pacific (Tokyo) Amazon Simple Notification Service APN1-Requests-Tier1 $0.00 ________________________________________ First 1,000,000 Amazon SNS API Requests per month are free 2.000 Requests $0.00 $0.00 Canada (Central) Amazon Simple Notification Service CAN1-Requests-Tier1 $0.00 ________________________________________ First 1,000,000 Amazon SNS API Requests per month are free 3.000 Requests $0.00 $0.00 EU (Frankfurt) Amazon Simple Notification Service EUC1-Requests-Tier1 $0.00 ________________________________________ First 1,000,000 Amazon SNS API Requests per month are free 2.000 Requests $0.00 $0.00 EU (Ireland) Amazon Simple Notification Service EU-Requests-Tier1 $0.00 ________________________________________ First 1,000,000 Amazon SNS API Requests per month are free 2.000 Requests $0.00 $0.00 EU (London) Amazon Simple Notification Service EUW2-Requests-Tier1 $0.00 ________________________________________
2
answers
1
votes
40
views
asked 2 days ago

Why level up to AWS Organizations and Why not stick to AWS Account

**What is the advantage of AWS organization management over the account management ? Why take the leap****** Every Company has users and resources they interact with. End of the day - management of these users and resources (allowing the intended and blocking the un-intended usage) is the purpose of our job. Answer is to use an account level strategy or organizational level strategy. In AWS , few years back , focus was on securing an account and VPCs did the separation for production, development and testing stages. [Please understand Separate VPC is as good as a separate datacenter ]. Now idea is promoted that practically each developer or team will have an account and the department will work as an OU and Enterprise will run as a AWS organization - handling this multi account strategy. So along comes SCPs (at the end of the day they are DENY rules). Control Tower and Landing Zone. But the same things can be run on account level. *Are we Securing the blast radius by limiting to an account ? incase of an account compromise ? **I do not agree as firstly* when your running a multi-account system similar cross account access are also in place which needs to be secure along with the basic level account security management. Also top-managing account in organization can be compromised . In fact the attack surface largely increasing onto an other level. Causes difficulties to visibility and monitoring - ( Guard Duty can be enabled for multi accounts and Cloud Trails Aggregator can be used )- but it is getting complicated. Secondly, anyways one has to keep the account secure also. Clear demarcation is possible and good environment can be provided with VPC , Conditional statements , tagging. In case of merger there can be cross account access enabled with external ID. **I am not here to challenge but I want to gain an understanding in why the shift was undertaken. Also any resources in this regard will be great help. Even a comment might help. ****** **
2
answers
0
votes
32
views
asked 10 days ago