How Do You Fix the AWS CLI Error “Following required service principals [eks.amazonaws.com] were not found in the trust relationships”?

Problem scenario
You run an AWS CLI command, but you get this error:

An error occurred (InvalidParameterException) when calling the CreateNodegroup operation: Following required service principals [eks.amazonaws.com] were not found in the trust relationships of clusterRole arn:aws:iam::12345678910:role/foobar

How do you fix this?

Solution
Draft a command like this (but replace “12345677810:role/foobar” with the equivalent string in the error,

 » Read more..

How Do You Securely Connect an EC-2 Instance in a VPC to a DynamoDB?

Problem scenario
You have a server in AWS that is in a VPC. You want it to access an S3 bucket. How do you do this?

Solution
Use a VPC endpoint, specifically, use a Gateway Endpoint.

Source: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints.html

 » Read more..

How Do You Disable the Knock Code Security Feature on an Android Tablet or Phone?

Problem scenario
You want to change the knock code itself or totally disable it on your Android tablet or phone. What do you do?

Solution
To remove the knock code:
Go to Settings -Display -Lock Screen -Select screen lock
Enter the knock code and click “next”.
Click on “None”.
You are done.

 » Read more..

How Do You Securely Connect an EC-2 Instance in a VPC to an S3 Bucket?

Problem scenario
You have a server in AWS that is in a VPC. You want it to access an S3 bucket. How do you do this?

Solution
Use a VPC endpoint, specifically, use a Gateway Endpoint.

Source: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints.html

 » Read more..

How Do You Troubleshoot the Kubernetes Error “no nodes available to schedule pods”?

Problem scenario
You run a kubectl command, but you receive one of the following error messages:

Warning FailedScheduling default-scheduler no nodes available to schedule pods
No resources found

What should you do?

Solution
1. Create a node.
2. You may need to create an IAM role for Kubernetes; if you need assistance with this, see this posting.

 » Read more..

How Do You Create an IAM Role in AWS to Allow for Nodegroups to Be Created in EKS?

Problem scenario
In the AWS Management Console, you cannot add a Node to an EKS cluster. The “Node IAM Role” never has any option. You click the “refresh” arrow, but all you see is “No roles found. Follow the link above to create a new role.” What should you do?

Solution

  1. Install and configure the AWS CLI. If you need assistance with this,

 » Read more..

How Do You Know the Syntax of the JSON for the –policy-document Flag for Adding Policies to a Role in AWS?

One of the following scenarios apply:

Problem scenario #1
You want to run a command like this:
aws iam put-role-policy –role-name contintdelete-role –policy-name DELETEPOLICY –policy-document file://adminPolicy.json

But you do not know the syntax of the adminPolicy.json.

Problem scenario #2
You are trying to use the –policy-document flag with the command “aws iam put-role-policy”. But you get this error:

An error occurred (MalformedPolicyDocument) when calling the PutRolePolicy operation: Syntax errors in policy.

 » Read more..

How Do You Use Burp (the Burp Suite tools)?

Problem scenario
You want to test out Burp to verify your website is secure. What do you do?

Solution
1. We use the desktop GUI of Linux for this solution. Deploy Kali Linux (e.g., in Azure).

2. Run these commands on it if you are not connected to the GUI Desktop:

sudo apt -y update
sudo apt -y install xrdp
sudo service xrdp start

3.

 » Read more..

How Do You Find which IAM Roles Your EC-2 User Account Has?

Problem scenario
You want to see what IAM permissions a given Linux user on an EC-2 instance has. You tried going to the web console for AWS. You were unable to find the user (e.g., ec2-user or ubuntu). How do you determine which roles the user is a member of?

Solution
From the OS, run this command:
curl http://169.254.169.254/latest/meta-data/iam/security-credentials/s3access

 » Read more..

What Are Some Ways to Prevent MITM Attacks or Other Session Exploitative Attacks with a Web Page That Uses JavaScript?

Problem scenario
You know that sessions of a JavaScript can be exploited in today’s world. This category of vulnerability is related to imperfections in authentication and is listed as the #2 biggest web application security risk as of June of 2020 (according to OWASP). What are some techniques to stop such attacks from happening when designing a website that uses JavaScript?

Possible Solution #1
Ensure cookie information is passed using connections that leverage HTTPS (as paraphrased from page 23 of Node.js Security by Liran Tal).

 » Read more..