EC2 instance - sending user data - is it safe?

I have an Amazon EC2 instance whose purpose is to perform calculations based on some medical information. I launch the instance from Java through the Amazon Java API (RunInstanceRequest). I give the EC2 instance some user data (for example, a patient identifier) that it needs in order to perform the calculation.

 request.setUserData(getMyUserData()); 

I'm just wondering how safe this is to do - is this information somehow encrypted?

+4
3 answers

http://aws.amazon.com/articles/1697 This article talks about some of the basic security that Amazon has. It does not specifically say anything about user data, but I assume that it is relatively safe. I would be careful if you were transmitting any confidential user information. Passing the user ID should be fine, but I would not pass passwords or credit card information with it, etc.

If you are concerned about security, you can always encrypt the data yourself and decrypt the data when it reaches your instance.

0

It is not safe. EC2 operators have full access to your data. Perhaps the data is encrypted on the way to EC2, which will prevent interceptors from getting your data, but EC2 will still receive it.

If you care about security, you should either send only the encrypted output of your data to EC2, or decrypt it locally after receiving it, or just buy your own machine and put the data there.

+2

EC2 user data is very insecure. All AWS instances have access to the metadata URL, where user data is one of the available metadata fragments. Any process on the server that is capable of performing an HTTP request can access it and display user data in plain text.

0
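
The approach suggested in the first two answers (encrypt the value before launch, decrypt it on the instance), as an added example that is not part of the original question or answers. The class and method names are hypothetical, the patient identifier is a constructed sample, and it assumes the AES key reaches the instance through a separate channel rather than through user data, since the third answer notes that anything in user data is readable by any process on the instance.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Base64;

public class SealedUserData {
    private static final int NONCE_LEN = 12;   // bytes, standard GCM nonce size
    private static final int TAG_BITS = 128;   // authentication tag length

    // Launcher side: returns Base64(nonce || ciphertext || tag) to pass as user data.
    static String seal(SecretKey key, String plaintext) throws GeneralSecurityException {
        byte[] nonce = new byte[NONCE_LEN];
        new SecureRandom().nextBytes(nonce);    // fresh nonce for every launch
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, nonce));
        byte[] ct = c.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
        byte[] out = ByteBuffer.allocate(nonce.length + ct.length).put(nonce).put(ct).array();
        return Base64.getEncoder().encodeToString(out);
    }

    // Instance side: verifies the tag and decrypts; throws AEADBadTagException if modified.
    static String open(SecretKey key, String userData) throws GeneralSecurityException {
        byte[] in = Base64.getDecoder().decode(userData);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(TAG_BITS, in, 0, NONCE_LEN));
        byte[] pt = c.doFinal(in, NONCE_LEN, in.length - NONCE_LEN);
        return new String(pt, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        // Assumption: in a real deployment this key reaches the instance through a
        // separate channel and is never placed in user data. Generated here for the demo.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey key = kg.generateKey();

        String sealed = seal(key, "patientId=EXAMPLE-0001"); // constructed sample value
        System.out.println("user data as any process on the instance sees it: " + sealed);
        System.out.println("after decryption with the key: " + open(key, sealed));
        // In the question's code this would be: request.setUserData(sealed);
    }
}
```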

Source: https://habr.com/ru/post/1399425/

