Has anyone implemented a Kali Linux AMI for pen-testing? And if I’m using it only to pen-test applications or resources back in my data center, do I have to inform AWS?
I have created an AMI with Kali in the past (when there wasn’t an AMI available in the AWS Marketplace), but it’s much easier to do nowadays and you have several options available; please see my notes below as well as the answer to your question about penetration testing.
Option One: Use the Kali Linux AMI from Offensive Security in the AWS Marketplace. Please see here: https://aws.amazon.com/marketplace/pp/B01M26MMTT
Option Two: Create an Ubuntu EC2 instance and install Kali using “apt-get install kali-linux-full”. The complete set of instructions can be found here: https://www.alienvault.com/blogs/security-essentials/configuring-kali-linux-on-amazon-aws-cloud-for-free
Option Three: Build your own AMI using a bootstrap script (I wouldn’t recommend this option). You can find details regarding this on the Internet.
Penetration Testing AWS Resources
The answer to your other question is “yes”, AWS does require express authorization before performing any type of penetration test or vulnerability assessment scanning of any cloud-based assets (regardless of whether you own them or not). AWS refers to this as “Simulated Event Testing” and you can find the form that you need to complete along with additional information here: https://aws.amazon.com/security/penetration-testing/
PERFORM THE FOLLOWING STEPS IF YOU CAN’T RUN “apt-get install kali-linux-full” FROM ABOVE:
root@ubuntu-vm:~# cp /etc/apt/sources.list /etc/apt/sources.list.bak
Now, append the following to the bottom of your “/etc/apt/sources.list” file:
deb http://http.kali.org/kali kali-rolling main contrib non-free
deb http://http.kali.org/kali sana main non-free contrib
deb http://security.kali.org/kali-security sana/updates main contrib non-free
deb http://old.kali.org/kali moto main non-free contrib
root@ubuntu-vm:~# apt-get update && apt-cache search kali-linux
root@ubuntu-vm:~# apt-get -y install kali-linux-full
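An idempotent form of the sources.list steps in the answer above, as an added example that is not part of the original post: it keeps the first backup intact and skips entries that are already present, so running it twice neither duplicates lines nor overwrites the pristine copy. The names `add_kali_sources` and `demo` are hypothetical, and the Ubuntu line in the demo is constructed sample input.

```shell
# Added example, not from the original answer.
# The four "deb" lines are the ones listed in the answer above.
KALI_SOURCES='deb http://http.kali.org/kali kali-rolling main contrib non-free
deb http://http.kali.org/kali sana main non-free contrib
deb http://security.kali.org/kali-security sana/updates main contrib non-free
deb http://old.kali.org/kali moto main non-free contrib'

# Usage: add_kali_sources FILE   (hypothetical helper name)
# Prints the number of lines appended; returns 1 if FILE does not exist.
add_kali_sources() {
    local file="$1" added=0 line
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }

    # Back up only once, so a second run does not replace the pristine
    # copy with an already-modified file.
    [ -e "$file.bak" ] || cp -p "$file" "$file.bak"

    # Make sure the file ends with a newline before appending to it.
    if [ -s "$file" ] && [ -n "$(tail -c 1 "$file")" ]; then
        printf '\n' >> "$file"
    fi

    while IFS= read -r line; do
        # -x whole-line match, -F fixed string: skip entries already present.
        if ! grep -qxF -- "$line" "$file"; then
            printf '%s\n' "$line" >> "$file"
            added=$((added + 1))
        fi
    done <<EOF
$KALI_SOURCES
EOF
    echo "$added"
}

# Demo on a constructed scratch file; it never touches /etc/apt.
demo() {
    local tmp
    tmp=$(mktemp)
    # Constructed sample entry, written without a trailing newline.
    printf 'deb http://archive.ubuntu.com/ubuntu jammy main' > "$tmp"
    add_kali_sources "$tmp"   # first run appends all four entries
    add_kali_sources "$tmp"   # second run appends nothing
    rm -f "$tmp" "$tmp.bak"
}
demo
```

On a real instance the function would be called as root with /etc/apt/sources.list as its argument, followed by the apt-get commands from the answer.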