Skip to content

Commit 2685dfd

Browse files
cydtsengcydtseng
committed
docs: minor grammar / spelling improvements for aws-basic-information
1 parent 9d8d1d2 commit 2685dfd

File tree

1 file changed

+16
-20
lines changed
  • src/pentesting-cloud/aws-security/aws-basic-information

1 file changed

+16
-20
lines changed

src/pentesting-cloud/aws-security/aws-basic-information/README.md

Lines changed: 16 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88

99
### Accounts
1010

11-
In AWS there is a **root account,** which is the **parent container for all the accounts** for your **organization**. However, you don't need to use that account to deploy resources, you can create **other accounts to separate different AWS** infrastructures between them.
11+
In AWS, there is a **root account**, which is the **parent container for all the accounts** for your **organization**. However, you don't need to use that account to deploy resources, you can create **other accounts to separate different AWS** infrastructures between them.
1212

1313
This is very interesting from a **security** point of view, as **one account won't be able to access resources from other account** (except bridges are specifically created), so this way you can create boundaries between deployments.
1414

@@ -228,7 +228,7 @@ A boundary is just a policy attached to a user which **indicates the maximum lev
228228

229229
A session policy is a **policy set when a role is assumed** somehow. This will be like an **IAM boundary for that session**: This means that the session policy doesn't grant permissions but **restrict them to the ones indicated in the policy** (being the max permissions the ones the role has).
230230

231-
This is useful for **security meassures**: When an admin is going to assume a very privileged role he could restrict the permission to only the ones indicated in the session policy in case the session gets compromised.
231+
This is useful for **security measures**: When an admin is going to assume a very privileged role he could restrict the permission to only the ones indicated in the session policy in case the session gets compromised.
232232

233233
```bash
234234
aws sts assume-role \
@@ -309,20 +309,20 @@ AWS Identity and Access Management (IAM) provides **fine-grained access control*
309309

310310
In [**this page**](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-unique-ids) you can find the **IAM ID prefixe**d of keys depending on their nature:
311311

312-
| Identifier Code | Description |
313-
| ---- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
314-
| ABIA | [AWS STS service bearer token](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_bearer.html) |
315-
316-
| ACCA | Context-specific credential |
317-
| AGPA | User group |
318-
| AIDA | IAM user |
319-
| AIPA | Amazon EC2 instance profile |
320-
| AKIA | Access key |
321-
| ANPA | Managed policy |
322-
| ANVA | Version in a managed policy |
323-
| APKA | Public key |
324-
| AROA | Role |
325-
| ASCA | Certificate |
312+
| Identifier Code | Description |
313+
| --------------- | ----------------------------------------------------------------------------------------------------------- |
314+
| ABIA | [AWS STS service bearer token](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_bearer.html) |
315+
316+
| ACCA | Context-specific credential |
317+
| AGPA | User group |
318+
| AIDA | IAM user |
319+
| AIPA | Amazon EC2 instance profile |
320+
| AKIA | Access key |
321+
| ANPA | Managed policy |
322+
| ANVA | Version in a managed policy |
323+
| APKA | Public key |
324+
| AROA | Role |
325+
| ASCA | Certificate |
326326
| ASIA | [Temporary (AWS STS) access key IDs](https://docs.aws.amazon.com/STS/latest/APIReference/API_Credentials.html) use this prefix, but are unique only in combination with the secret access key and the session token. |
327327

328328
### Recommended permissions to audit accounts
@@ -386,7 +386,3 @@ If you are looking for something **similar** to this but for the **browser** you
386386
- [https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html](https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html)
387387

388388
{{#include ../../../banners/hacktricks-training.md}}
389-
390-
391-
392-

0 commit comments

Comments
 (0)