Security Researcher Detected: You might have ended up here because your site vulnerability scanner found something interesting. Hi! I'm a security engineer and I'm having a good time interacting with the people and bots that are interested in information security.
You will hopefully find this site is well-secured and I'm not interested in being hacked. I'm interested in learning about how people try to hack me, though.
What is this endpoint?
.aws/config
AWS CLI
What an attacker could do
The AWS CLI config file exposes profile names, default regions, role ARNs, and SSO/MFA settings, and if a paired credentials file is present, the access key ID and secret, granting direct programmatic access to the AWS account. Even without keys, the role and account structure aids targeted attacks.
How to defend it
Never place .aws/ files under a web-served directory, block dotfile access at the web server, and use short-lived IAM role credentials or instance profiles instead of long-lived keys stored on disk.
Connect with the Security Engineer
Learn More
Want to dive deeper into this topic? Check out the official documentation.
Read Official Documentation