Keensafe Cloud Console eu-west-1 · prod

Cloud Operations Console

Unified view of Keensafe Global Bank's multi-cloud footprint across AWS (primary, eu-west-1), GCP (analytics, keensafe-prod-eu) and Azure (legacy reporting).

Lab notice: every account ID, ARN, key, password and JWT on this site is a deliberate placeholder for the Keensafe external vulnerable lab. Do not treat anything here as a real production secret.

AWS Account: 549302118874
EKS pods: 3
Open findings: 12
Public buckets: 4

Quick access

S3 storage

4 buckets, 3 marked public-read. Includes the customer-statements bucket and the production backups bucket.

IAM

4 users, 3 roles. Wildcard policies attached to the EC2 instance role and the Lambda execution role.

Kubernetes (EKS)

5 namespaces. Secrets browser open to anonymous viewers. Read-only kubelet API exposed on port 10255.

Lambda

3 functions, every one with API keys baked into environment variables instead of Secrets Manager.

Infrastructure as code

Terraform state file is readable. CloudFormation, Helm and Pulumi templates contain plaintext secrets.

Audit log

CloudTrail feed surfaces the recent intern.summer2025 activity, including a PutBucketAcl that opened the backups bucket.

Metadata service

IMDSv1 emulation. No token required — anything with SSRF reach gets AccessKeyId + SessionToken.

URL checker

Internal "is this URL reachable" tool. Accepts any URL — including 169.254.169.254.

Credential inventory

One JSON endpoint listing every AWS, GCP, Azure and Datadog key currently in use.

Operations contacts

On-call: cloudops@cloud01.internal.keensafeglobalbank.com. Vault server: https://vault.internal.keensafeglobalbank.com:8200. Pipeline: /debug/config.