Score:0

Identify the profiles stored in S3 Bucket?

gy flag

New to this, and new to AWS in general.
Currently reviewing the profiles in S3 bucket to identify which ones can be deleted.

it is not easy to identify whom it belongs to as its a SHA256 generated code.
enter image description here

Is there an easy way to identify what is the email hidden behind it? Otherwise, I need to convert a lot of emails to hash and compare that way ... long process.

Kindly note, not an expect in AWS, a newbee rather.

Tim avatar
gp flag
Tim
Whatever you're done is custom, not AWS standard, you'll have to find the code doing this and look at how it works.
BiMi avatar
gy flag
Oh, so you are saying the SHA256 was created cos somebody decided that way? I know that converting a user's email to SHA256 will generate the code and then have to manually compare it. COnsidering there are over 100 of such codes... can u imagine the workload? Hence, if there is a way via AWL CLI to say "ok, show me the owner/email of this profile"
BiMi avatar
gy flag
matter of fact, when downloading the profile.vhdx file and opening with notepad, I can then find the [email protected] emaiol address poiting to the user's account. Again, this is still a lot of manual process .... :/
Tim avatar
gp flag
Tim
Again, someone set this up as a custom piece of code. AWS has no knowledge of what you store in the bucket. A couple of scripts should make this a small job.
BiMi avatar
gy flag
Thanks Tim, may you point me in right direction and explain in what the scripting involves? would appreciate your assistance
Tim avatar
gp flag
Tim
Some kind of script to hash the profile names and outputs profile name vs sha, another that takes the sha code from "s3 ls" and matches them up. You could even tag the S3 objects with the user name, but that would defeat the purpose of the obfuscation.
BiMi avatar
gy flag
... not sure how.
Tim avatar
gp flag
Tim
Best hire someone
BiMi avatar
gy flag
ohhh that's an amazing suggestion ... hah
Tim avatar
gp flag
Tim
We can't teach you scripting. On SF we can help you understand a specific issue so you can work the rest out yourself. The situation you have is someone wrote some code that puts files on S3, it's not well documented, and you're trying to understand it. Given the lack of documentation you will need to reverse engineer it. The simplest way forward for you is probably to individually hash the email addresses of people who have left the company then manually match that to the S3 bucket. Alternately a lifecycle policy for archiving old data to reduce costs.
BiMi avatar
gy flag
indeed ... a life cycle would solve it, just raised a nother question on that, hoping there is some guide on that part in how to create a life cycle policy to delete profiles in S3 buckets IF not utilised/accessed over 3 months.
BiMi avatar
gy flag
as for the hashing ... not aware that there is ascript to hash it and really why it was requested to be hashed? Maybe cos of the URL generated when calling for the AppStream session? hmmmm I dont know nor aware how it was setup. If lifecycle can delete them after a particular time then it would safe the time indeed.
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.