My Journey Through the AWS Cloud Challenge: Bridging Cloud and Cybersecurity

Participating in the AWS Cloud Challenge was a pivotal journey that sharpened my cloud competencies and offered a practical case for applying cloud security concepts. With a foundation in Azure and a strong interest in cloud security, blue teaming, and cloud management, this challenge served as an ideal platform to broaden my cloud knowledge, explore a different cloud service (AWS), and showcase my skills.

The Challenge Overview

The AWS Cloud Challenge, created by Forrest Brazeal, is designed to help individuals build a cloud-based resume while learning essential AWS services. The challenge involves several steps, each focusing on various aspects of cloud technology:

1. AWS Skills: Hands on learning of AWS functions and tools.

2. HTML and CSS: Creating a resume in HTML and styling it with CSS.

3. Static Website: Deploying the resume as a static website on Amazon S3.

4. HTTPS: Securing the website with HTTPS using Amazon CloudFront.

5. DNS: Understanding DNS in CloudFront distribution.

6. JavaScript: Adding a visitor counter using JavaScript.

7. Database: Storing visitor data in Amazon DynamoDB.

8. API: Creating an API with AWS API Gateway and AWS Lambda.

9. Python: Writing Lambda functions in Python.

10. Tests: Implementing tests for the Python code.

11. Infrastructure as Code: Using Terraform to manage infrastructure.

Skills Gained and Their Relevance to Cybersecurity

Throughout the challenge, I gained a multitude of skills that are directly applicable to cybersecurity. Here’s how each step contributed to my growth in this field:

1. AWS Cloud Practitioner Skills: This project aligns with the study material to become a Cloud Practitioner for AWS. Although I have not yet taken the certification, by being able to successfully complete this project, it proves I have the capabilities to work in the AWS platform. I will eventually take the certification, but for now I am fine with the experience firsthand!

2. HTML and CSS: While these are basic web development skills, understanding how websites are built is essential for web application security. It helps in identifying potential vulnerabilities in web applications.

3. Static Website on Amazon S3: Deploying a static website on S3 taught me about securing data at rest and in transit. Configuring S3 bucket policies and understanding access controls are vital for protecting data.

4. HTTPS with CloudFront: Implementing HTTPS ensures data integrity and confidentiality. This step reinforced my knowledge of SSL/TLS certificates and how to secure web traffic.

5. Custom DNS with Route 53: Managing DNS settings and understanding how DNS works is crucial for preventing DNS spoofing and ensuring secure communication between clients and servers.

6. JavaScript for Visitor Counter: Writing JavaScript for the visitor counter introduced me to client-side scripting, which is important for understanding cross-site scripting (XSS) attacks and how to prevent them.

7. Amazon DynamoDB: Using DynamoDB for storing visitor data highlighted the importance of securing databases. It involved setting up IAM roles and policies to control access to the database.

8. API with API Gateway and Lambda: Creating an API taught me about securing APIs, including authentication and authorization mechanisms. It also covered best practices for writing secure serverless functions.

9. Python for Lambda Functions: Writing Python code for Lambda functions emphasized the importance of secure coding practices. It included input validation, error handling, and logging, which are critical for preventing code injection attacks.

10. Testing Python Code: Implementing tests for the Python code ensured that the functions worked as expected and were resilient to edge cases. This step is crucial for maintaining the integrity and reliability of applications.

11. Infrastructure as Code: Using Terraform to manage infrastructure highlighted the importance of version control and automation in maintaining secure and consistent environments. It also covered best practices for securing infrastructure as code (IaC) templates.

Applying These Skills in Cybersecurity

The skills gained from the AWS Cloud Challenge are directly applicable to various aspects of cybersecurity:

• Cloud Security: Understanding AWS services and how to secure them is fundamental for protecting cloud environments. This includes configuring IAM, securing data, and implementing network security controls.

• Defensive Strategies for Web Applications: Knowledge of web development and APIs is essential for identifying and exploiting vulnerabilities in web applications. The challenge provided hands-on experience with these technologies, which is invaluable for defenders such as me to know how they work in order to defend them properly.

• Network Administration: Managing DNS, securing web traffic with HTTPS, and understanding network configurations are crucial for network security. These skills help in protecting against network-based attacks and ensuring secure communication.

• Secure Coding Practices: Writing secure code in Python and JavaScript, along with implementing tests, is vital for preventing common vulnerabilities like XSS, SQL injection, and code injection. These practices are essential for developing secure applications.

The Wrap Up

The AWS Cloud Challenge was a rewarding experience that not only enhanced my cloud skills but also provided a strong foundation in cloud security controls. By completing this challenge, I gained practical knowledge and hands-on experience with AWS services, web development, and secure coding practices. These skills are directly applicable to my career goals in cybersecurity, cloud security, and cloud engineering. I highly recommend this challenge to anyone looking to build their cloud and cybersecurity skills.

https://cloud.mrcyberleon.org