How-To: Creating AWS EC2 ReadOnly Credentials with IAM

In order to retrieve and list your assets (Instances, Security Groups) from your Amazon Web Services EC2 account through API, Elastic Detector need ReadOnly credentials. Here is how to create such credentials using Amazon Web Services Identity and Access Management (IAM). Step 0: Login to your Amazon Web Services account through AWS Console, and open…

Elastic Vulnerability Assessment (EVA) Credentials for AWS EC2 and VPC

One of the major obstacles to Elastic Detector adoption is the step where infrastructure API credentials are asked. Security guys do not easily give their keys to strangers. We fully understand that, so we have proposed two solutions: Virtual appliance, such as an AMI on the AWS marketplace. We provide VMware (vmdk) and KVM versions…

AWS Policy Generator

We recently posted this article that describes how to generate Amazon EC2 read-only credentials for third-party providers. Amazon released a little helper tool this week, a Policy Generator, that facilitates building quite complex policies. The AWS blog very well describes the necessary steps to produce a policy in this post. Example Following our example, the…

Read-Only Credentials For EC2

A common concern of EC2 users with regard to using third-party tools like Elastic Detector is the fact that those tools require the users’ AWS EC2 credentials to work. In the wrong hands, those credentials can be misused to cause significant damage by e.g. shutting down instances. Fortunately, AWS provides a solution called Identity and…