Cloud Threat Model

I attended a cybersecurity event 👉container security village. I learn this topic Threat Modelling in Cloud so i want to apply this theory. Some memories :)

My experiment a static website in an AWS S3 bucket, served via a Content Delivery Network (CDN), with an AWS Lambda backend API. I want to apply threat modeling: shifting security left by finding flaws in the design phase rather than in production.

Diagram showing Components (Data Flows) ✴️

• Where does secure private data start?

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19

Browser / app.py
   AWS WAF 
      │
      ▼
┌─────────────────┐        ┌──────────────────┐
│  API Gateway    │──────▶ │  Lambda (Python) │
│  (HTTP API)     │        │  handler.py      │
└─────────────────┘        └────────┬─────────┘
                                    │ s3:ListBucket
                                    ▼
                           ┌──────────────────┐
                           │    S3 Bucket     │  (private)
                           │  gallery images  │
                           └──────────────────┘
                                    ▲
                           OAC (sigv4)
                                    │
Browser ──────────────────▶ CloudFront CDN
                            (image delivery)

Phase 2: Identify Threats (Using STRIDE) 🧐

STRIDE methodology (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege) to identify threats at each component.

Mitigation Plan: Cloud configuration fixes.

• S3: Block direct public access and apply CloudFront restriction.
• Lambda: Use IAM roles for S3 and Cloudfront access.
• API Gateway: Enable a firewall to block IPs that exceed request limits.
• CloudFront: Apply Amazon CloudFront Origin Access Control (OAC).

👉My code:🔗 Results

Recommended Tools

• OWASP Threat Dragon (Free, open-source tool)

Offtopic

Love your dogs by giving them a quality life. Don’t forget to neuter!