Menú
Amazon Elastic File Cache
Instalar con Codex o Claude Copia este prompt, pégalo en Codex, Claude u otro asistente, y deja que revise la página de la skill y la instale por ti.
Basado en la clasificación ocupacional SOC
eBPF-based post-exploitation for kernel-level credential harvesting, process hiding, and traffic interception on Linux
AWS post-exploitation for IAM privilege escalation, data exfiltration, persistence, and operational security via boto3
Azure/Entra ID post-exploitation for tenant compromise, Key Vault extraction, managed identity abuse, and token manipulation
CI/CD pipeline attacks for secret extraction, pipeline injection, and supply chain compromise via GitHub/Jenkins/GitLab
Kubernetes post-exploitation for container escape, secret extraction, RBAC abuse, and cluster persistence
macOS post-exploitation for credential harvesting, DTrace monitoring, TCC bypass, and stealth operations via native tools
| name | cis-aws-storage-4.2 |
| description | Amazon Elastic File Cache |
| category | cis-storage-services |
| version | 1.0.0 |
| author | cyberstrike-official |
| tags | ["cis","aws","storage","fsx","file-cache","regional-availability","level-2"] |
| cis_id | 4.2 |
| cis_benchmark | CIS AWS Storage Services Benchmark v1.0.0 |
| tech_stack | ["aws"] |
| cwe_ids | [] |
| chains_with | ["cis-aws-storage-4.1","cis-aws-storage-4.3","cis-aws-storage-4.4","cis-aws-storage-4.5"] |
| prerequisites | [] |
| severity_boost | {} |
Amazon File Cache is available in the following AWS Regions:
Amazon Elastic File Cache Compatibility: In order to use AWS FSx, you must ensure that the operating system you're using on the compute instance is compatible with AWS FSx. Below are the compatible operating systems:
The rationale behind creating Amazon Elastic File Cache is to enhance the performance and scalability of cloud-based applications by providing a high-speed, scalable file caching solution. This service reduces latency and improves access times for frequently accessed data, thereby optimizing application performance and user experience. Additionally, it helps manage and reduce storage costs by efficiently utilizing cached data, ensuring that resources are used effectively while maintaining high performance standards.
Not implementing Amazon Elastic File Cache can lead to increased latency and slower access times for frequently accessed data, resulting in suboptimal performance for cloud-based applications. This can negatively affect user experience and productivity. Additionally, without an efficient caching solution, there may be higher storage costs due to inefficient use of resources, and the system may struggle to handle high demand, leading to potential performance bottlenecks and scalability issues.
Creating Amazon Elastic File Cache:
Before you can start using Amazon Elastic File Cache, you must set up an Amazon Elastic Compute Instance and an S3 bucket.
Verify regional availability:
No specific CLI audit commands are provided in this control as it is primarily about regional availability and compatibility verification.
Amazon Elastic File Cache should be deployed in supported regions with compatible operating systems. The Lustre client must be installed on Ubuntu systems for FSx service to work properly.
No specific CLI remediation commands are required for this control.
Amazon Elastic File Cache is available only in the regions listed above. The service requires compatible operating systems to function properly.
| Controls Version | Control | IG 1 | IG 2 | IG 3 |
|---|---|---|---|---|
| v8 | 3.3 Configure Data Access Control Lists Configure data access control lists based on a user's need to know. Apply data access control lists, also known as access permissions, to local and remote file systems, databases, and applications. | ● | ● | ● |
| v8 | 8.3 Ensure Adequate Audit Log Storage Ensure that logging destinations maintain adequate storage to comply with the enterprise's audit log management process. | ● | ● | ● |
| v7 | 6.4 Ensure adequate storage for logs Ensure that all systems that store logs have adequate storage space for the logs generated. | ● | ● | |
| v7 | 14.6 Protect Information through Access Control Lists Protect all information stored on systems with file system, network share, claims, application, or database specific access control lists. These controls will enforce the principle that only authorized individuals should have access to the information based on their need to access the information as a part of their responsibilities. | ● | ● | ● |
Level 2
