What is AWS penetration testing?

31 Aug 2023

Features of cloud pentests in Amazon Web Services

With the constant growth in the number of organizations moving their operations to the cloud, security concerns are becoming particularly relevant. Amazon Web Services (AWS) is one of the most popular cloud platforms, yet it is not immune to cyber attacks.

Penetration testing becomes a critical stage in identifying potential vulnerabilities in the AWS infrastructure.

In this article, we will examine the necessity of conducting penetration testing in AWS, share valuable recommendations, and clarify the importance of ensuring security in the cloud environment. If you aim to protect your data and operations, this material will be beneficial for you.

How does traditional penetration testing differ from penetration testing in AWS?


Traditional penetration testing and penetration testing in AWS have significant differences in light of modern technological changes.

Our compiled comparative table allows understanding the limitations of traditional approaches and explains why conducting testing in AWS becomes an integral component of ensuring security in the cloud environment.

AspectTraditional penetration testingPenetration testing in AWS
InfrastructurePhysical infrastructure (servers, routers, etc.)Virtual infrastructure (EC2, S3, and other AWS services)
ToolsLocal and cloud toolsLocal, cloud, and specialized tools for AWS (AWS Inspector, Amazon GuardDuty, AWS Config)
Methodology“Black box” method, occasionally – “gray box” or “white box”Primarily “white box” method
Scope of applicationOften limited to specific systems or applicationsEncompasses a broad range of AWS services and configurations
Speed and scale of automated part of testingTypically slower and constrained by organizational resourcesMore scalable and faster due to cloud infrastructure
DynamismLess adaptable to rapidly changing infrastructureAdapts to the dynamics of the cloud environment
Consideration of shared responsibilityPrimary focus on internal resources and vulnerabilitiesAcknowledges shared responsibility with AWS for security
Cloud supportRequires adaptation to work with cloud environmentsSpecifically designed to detect cloud risks and vulnerabilities

What is prohibited for conducting penetration testing in AWS?

Image stop

It is a well-known fact that conducting penetration testing within the Amazon Web Services (AWS) environment is allowed by the Amazon company; however, there are a number of prohibited areas that are crucial to consider. These restrictions are aimed at ensuring the security, integrity, and reliability of the cloud infrastructure. Below, we will examine the specific limitations that exist.

Testing of external services. One of the primary restrictions is the prohibition of testing services that are not related to your AWS account or belong to other customers. This includes services that are beyond your own sphere of influence. Clearly, such actions can have a negative impact on the overall security and trust of the platform.

Physical security. It’s important to note that testing physical security measures, such as data centers, buildings, and personnel, is strictly forbidden. This approach helps prevent potential risks associated with unwanted interference with real-world objects.

AWS support services. Testing AWS support services or reaching out to AWS support with requests for penetration testing is prohibited. This is because even limited interactions with such services could disrupt balance and negatively affect customer experience.

Third-party applications and services. Another consideration is the prohibition of testing third-party applications or services integrated with your AWS resources without explicit consent from the owners of these resources. This is essential to ensure the confidentiality and protection of other users’ data.

Interference and harm. It’s prohibited to undertake actions that could damage the operation of AWS services or have a negative impact on the resources of other customers. This restriction helps maintain the stability and reliability of the entire infrastructure.

Use of known vulnerabilities. It is desirable to avoid using vulnerabilities that AWS has already been made aware of. This is intended to uphold ethical standards and prevent practical issues.

Self-conducted penetration testing in AWS: our recommendations


Undertaking self-conducted penetration testing in AWS requires special caution and knowledge about cloud infrastructure. To assist you in this intricate process, we have prepared a step-by-step guide with key recommendations for successfully conducting penetration testing within the AWS environment.

Step 1: Preparatory measures

Goal setting. Define the objectives of the penetration testing. Which systems, applications, or resources do you intend to assess? What vulnerabilities and attacks do you wish to explore?

Obtaining approval. Obtain consent from resource owners and AWS administrators for conducting the penetration testing.

Selecting test type. Decide on the type of testing you require: external (attacks from the outside), internal (attacks from within), or a combination.

Step 2: Environment preparation

Creating a test environment. Configure a separate testing environment within AWS to isolate testing from the production environment.

Data duplication. If necessary for testing, create duplicates of data to avoid accidental damage to live data.

Simulating attacks. Ensure you understand the attacking methods you will employ and have appropriate tools.

Step 3: Conducting the Testing

Scanning and asset identification. Utilize tools to detect active hosts, services, and ports.

Vulnerability search. Apply automated tools and manual methods to identify vulnerabilities in applications, services, and infrastructure.

Vulnerability exploitation. Attempt to exploit identified vulnerabilities to gain access or control over the system.

Results analysis. Evaluate testing outcomes, assess attack success, and potential threats to the system.

Step 4: Reporting

Report compilation. Create a detailed report of the conducted testing. Include information about discovered vulnerabilities, attack methods, and successful exploitations.

Resolution recommendations. Provide suggestions for addressing identified vulnerabilities and enhancing security levels.

Step 5: Post-Testing

Risk analysis. Collaboratively with resource owners, assess risks associated with detected vulnerabilities and decide on necessary actions.

Vulnerability remediation. Implement resolution recommendations to fix identified vulnerabilities.

Reassessment. Perform a retest of discovered vulnerabilities to ensure they are eradicated or remediated.

Personnel training. Provide employees with lessons derived from the penetration testing to prevent future repetition of mistakes.

Step 6: Conclusion

Endorsement of conclusion. Ensure resource owners are content with the testing outcomes and take steps to improve security.

Data archival. Preserve reports during the allowed retention period and relevant documentation for future comparisons and analysis.

Feedback. Engage in discussions with resource owners and AWS administrators to exchange experiences and advice.

By following these steps and undergoing appropriate training, such as OCPT, GCPN, C|PENT, or MCPT, you will be equipped to independently conduct basic penetration testing in AWS.

However, remember that performing a comprehensive penetration test and audit of AWS on your own might prove to be complex and labor-intensive. Therefore, we recommend seeking assistance from professionals if you’re not confident in your skills.

Subscribe to our Telegram channel to make sure you do not miss any new articles on our blog.

Other posts

Cybersecurity program with your own hands
Anonymous cryptocurrencies and crypto mixers: ethics and legality