AWS Serverless Challenge
You and your coworker are having a great day, there is a halloween party in the office, and everyone is in a great mood!!
But something even more scary than ghosts and skeletons arrives to the party, a JIRA incident.
There is a high priority incident that involves logging into a VM and rebooting a production application. You have the SSH key but you don't have the user password for it.
This VM is on an AWS account where you have very, very limited permissions to work with, since it belongs to a team on a different timezone that is already asleep.
(Someone is getting fired for not setting up a 24/7 operations team for this application.)
The VM's password is stored in an AWS Secrets Manager secret that, of course, you don't have read access to.
However, your coworker finds that there is a Lambda function you can use to retrieve the password, and tries to set up an emergency architecture to hack your way through it:
It works like this:
- You only have access to trigger the first Lambda function and see the response.
- The first lambda function retrieves the first half of the password, and sends it to the second one.
- The second one retrieves the second half of the password, it puts them together, and responds to the first function with the entire password.
- The second function only returns the correct password if the first half of the password is correct, otherwise it won't work.
- The first function uses the response it gets from the second function to respond to the caller (you). If this response contains the password, you will see it and save the office.
- Inside Lambda, you are only able to edit the first function, not the second one.
- To trigger the first Lambda function, you should use the "Test" section given by the console.
Unfortunately, for some reason the solution fails, and it responds with an error, not with the password.
Can you fix it and save the party?
Log into the AWS Account with the IAM user name and password you received on your breakout room's invite: