Pre-requisites for Cloud Security Assessment

To perform a comprehensive Cloud Security Assessment, please provide access based on your cloud provider. All actions taken are read-only and intended for assessment purposes only.

Mandatory (Platform-Specific Access Requirements):

1. AWS Cloud

• Create a new IAM user in Production.

• Attach the Security Auditor job function.

• Share:

  • Programmatic Access Key ID

  • Secret Access Key

  • Region(s) to be scanned

  • Restricting ReadOnlyAccess for Sensitive AWS Resources

  • Cloud Target Setup

• (Optional): List of AWS services in use.

2. GCP Cloud

• Provide a Viewer-only access user account.

• Or add jinson.varghese@getastra.com to your GCP project.

• Ensure access to all used services.

3. Azure Cloud

• Create a user account with Reader access.

• Or grant saatvik.dhiman@getastra.com the Reader role.

• Ensure access to configuration and security settings.

4. Heroku Cloud

• Share a user account with Viewer role.

5. Hetzner Cloud

• Add redteam@getastra.com as a read-only member.

6. DigitalOcean Cloud

• Add pentests@getastra.com as a read-only member.

Note:

Scope

• Assessment is conducted on production accounts only.

Safety Assurance

• No changes are made to configurations or data.

• Activities are read-only and audit-focused.

Optional Documentation

• Architectural diagrams

• Security policies

• Cloud configuration docs