Conversation
| for zone in hosted_zones['HostedZones']: | ||
| record_sets = route53_client.list_resource_record_sets(HostedZoneId=zone['Id']) | ||
| for record_set in record_sets['ResourceRecordSets']: | ||
| if record_set['Type'] == 'CNAME': |
There was a problem hiding this comment.
Secret: Secret Keyword
Click here for more details
|
|
||
| session = boto3.Session( | ||
| aws_access_key_id='YOUR_ACCESS_KEY', | ||
| aws_secret_access_key='YOUR_SECRET_KEY', |
There was a problem hiding this comment.
Secret: Secret Keyword
Click here for more details
| for hosted_zone in response['HostedZones']: | ||
| record_sets = route53_client.list_resource_record_sets(HostedZoneId=hosted_zone['Id']) | ||
|
|
||
| for record_set in record_sets['ResourceRecordSets']: |
There was a problem hiding this comment.
Secret: Secret Keyword
Click here for more details
|
|
||
| session = boto3.Session( | ||
| aws_access_key_id='YOUR_ACCESS_KEY', | ||
| aws_secret_access_key='YOUR_SECRET_KEY', |
There was a problem hiding this comment.
Secret: Secret Keyword
Click here for more details
| 4. This script will print out the names of all Alias records that are pointing to S3 buckets. These could potentially be vulnerable if the S3 buckets are misconfigured. You should further investigate these S3 buckets to ensure they are properly secured. | ||
| </Accordion> | ||
|
|
||
| </AccordionGroup> |
There was a problem hiding this comment.
Secret: Secret Keyword
Click here for more details
|
|
||
| session = boto3.Session( | ||
| aws_access_key_id='your_access_key', | ||
| aws_secret_access_key='your_secret_key', |
There was a problem hiding this comment.
Secret: Secret Keyword
Click here for more details
| To ensure that AWS Config is enabled, you can describe the configuration recorder and check its status. | ||
| ```python | ||
| # Describe the configuration recorder | ||
| response = config_client.describe_configuration_recorders() |
There was a problem hiding this comment.
Secret: Secret Keyword
Click here for more details
| # Create a session using your AWS credentials | ||
| session = boto3.Session( | ||
| aws_access_key_id='YOUR_ACCESS_KEY', | ||
| aws_secret_access_key='YOUR_SECRET_KEY', |
There was a problem hiding this comment.
Secret: Secret Keyword
Click here for more details
| 4. Check the 'recordingGroup' field in the response. If 'includeGlobalResourceTypes' is set to False, then global resources are not included in AWS Config: | ||
|
|
||
| ```python | ||
| if not response['ConfigurationRecordersStatus'][0]['recordingGroup']['includeGlobalResourceTypes']: |
There was a problem hiding this comment.
Secret: Secret Keyword
Click here for more details
|
|
||
| session = boto3.Session( | ||
| aws_access_key_id='YOUR_ACCESS_KEY', | ||
| aws_secret_access_key='YOUR_SECRET_KEY', |
There was a problem hiding this comment.
Secret: Secret Keyword
Click here for more details
| for hosted_zone in response['HostedZones']: | ||
| hosted_zone_id = hosted_zone['Id'] | ||
| domain_list = route53_client.list_domains(HostedZoneId=hosted_zone_id) | ||
|
|
There was a problem hiding this comment.
Secret: Secret Keyword
Click here for more details
|
|
||
| session = boto3.Session( | ||
| aws_access_key_id='YOUR_ACCESS_KEY', | ||
| aws_secret_access_key='YOUR_SECRET_KEY', |
There was a problem hiding this comment.
Secret: Secret Keyword
Click here for more details
|
|
||
| 3. **Check Domain Expiry:** | ||
| - Use a WHOIS lookup to check the expiration date of each domain. You can use a third-party library like `whois` for this purpose. | ||
|
|
There was a problem hiding this comment.
Secret: Secret Keyword
Click here for more details
| # Initialize a session using Amazon Route 53 | ||
| session = boto3.Session( | ||
| aws_access_key_id='YOUR_ACCESS_KEY', | ||
| aws_secret_access_key='YOUR_SECRET_KEY', |
There was a problem hiding this comment.
Secret: Secret Keyword
Click here for more details
| current_date_plus_30 = datetime.now() + timedelta(days=30) | ||
|
|
||
| # Check if the domain is expiring in the next 30 days | ||
| if expiry_date <= current_date_plus_30: |
There was a problem hiding this comment.
Secret: Secret Keyword
Click here for more details
| from datetime import datetime, timedelta | ||
|
|
||
| # Initialize the Route53 client | ||
| route53 = boto3.client('route53', aws_access_key_id='YOUR_ACCESS_KEY', aws_secret_access_key='YOUR_SECRET_KEY') |
There was a problem hiding this comment.
Secret: Secret Keyword
Click here for more details
2 participants
No description provided.