mirror of
https://github.com/HackTricks-wiki/hacktricks-cloud.git
synced 2026-01-12 13:05:19 -08:00
Translated ['src/README.md', 'src/banners/hacktricks-training.md', 'src/
@@ -4,26 +4,25 @@
## Directory Services
AWS Directory Service for Microsoft Active Directory is a managed service that makes it easy to **set up, operate, and scale a directory** in the AWS Cloud. It is built on actual **Microsoft Active Directory** and integrates tightly with other AWS services, making it easy to manage your directory-aware workloads and AWS resources. With AWS Managed Microsoft AD, you can **use your existing** Active Directory users, groups, and policies to manage access to your AWS resources. This can help simplify your identity management and reduce the need for additional identity solutions. AWS Managed Microsoft AD also provides automatic backups and disaster recovery capabilities, helping to ensure the availability and durability of your directory. Overall, AWS Directory Service for Microsoft Active Directory can help you save time and resources by providing a managed, highly available, and scalable Active Directory service in the AWS Cloud.
AWS Directory Service for Microsoft Active Directory is 'n bestuurde diens wat dit maklik maak om 'n **directory op te stel, te bedryf en te skaal** in die AWS Cloud. Dit is gebou op werklike **Microsoft Active Directory** en integreer noukeurig met ander AWS-dienste, wat dit maklik maak om jou directory-bewuste werklading en AWS-hulpbronne te bestuur. Met AWS Managed Microsoft AD kan jy **jou bestaande** Active Directory gebruikers, groepe en beleide gebruik om toegang tot jou AWS-hulpbronne te bestuur. Dit kan help om jou identiteitsbestuur te vereenvoudig en die behoefte aan addisionele identiteitsoplossings te verminder. AWS Managed Microsoft AD bied ook outomatiese rugsteun en rampherstelvermoëns, wat help om die beskikbaarheid en duursaamheid van jou directory te verseker. Oor die algemeen kan AWS Directory Service for Microsoft Active Directory jou help om tyd en hulpbronne te bespaar deur 'n bestuurde, hoogs beskikbare en skaalbare Active Directory-diens in die AWS Cloud te bied.
### Options
Directory Services allows to create 5 types of directories:
Directory Services laat jou toe om 5 tipes directories te skep:
- **AWS Managed Microsoft AD**: Which will run a new **Microsoft AD in AWS**. You will be able to set the admin password and access the DCs in a VPC.
- **Simple AD**: Which will be a **Linux-Samba** Active Directory–compatible server. You will be able to set the admin password and access the DCs in a VPC.
- **AD Connector**: A proxy for **redirecting directory requests to your existing Microsoft Active Directory** without caching any information in the cloud. It will be listening in a **VPC** and you need to give **credentials to access the existing AD**.
- **Amazon Cognito User Pools**: This is the same as Cognito User Pools.
- **Cloud Directory**: This is the **simplest** one. A **serverless** directory where you indicate the **schema** to use and are **billed according to the usage**.
- **AWS Managed Microsoft AD**: Wat 'n nuwe **Microsoft AD in AWS** sal laat loop. Jy sal in staat wees om die admin wagwoord in te stel en toegang tot die DC's in 'n VPC te verkry.
- **Simple AD**: Wat 'n **Linux-Samba** Active Directory–kompatible bediener sal wees. Jy sal in staat wees om die admin wagwoord in te stel en toegang tot die DC's in 'n VPC te verkry.
- **AD Connector**: 'n proxy vir **om directory versoeke na jou bestaande Microsoft Active Directory te herlei** sonder om enige inligting in die wolk te kas. Dit sal in 'n **VPC** luister en jy moet **akkrediteer om toegang tot die bestaande AD te verkry**.
- **Amazon Cognito User Pools**: Dit is dieselfde as Cognito User Pools.
- **Cloud Directory**: Dit is die **simpele** een. 'n **serverless** directory waar jy die **schema** aandui om te gebruik en jy word **gefactureer volgens die gebruik**.
AWS Directory services allows to **synchronise** with your existing **on-premises** Microsoft AD, **run your own one** in AWS or synchronize with **other directory types**.
AWS Directory services laat jou toe om te **synchroniseer** met jou bestaande **on-premises** Microsoft AD, **jou eie een** in AWS te laat loop of te synchroniseer met **ander directory tipes**.
### Lab
Here you can find a nice tutorial to create you own Microsoft AD in AWS: [https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_tutorial_test_lab_base.html](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_tutorial_test_lab_base.html)
Hier kan jy 'n lekker tutoriaal vind om jou eie Microsoft AD in AWS te skep: [https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_tutorial_test_lab_base.html](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_tutorial_test_lab_base.html)
### Enumeration
```bash
# Get directories and DCs
aws ds describe-directories
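Review bot: the AD Connector bullet turns the noun "credentials" into the verb "akkrediteer" ("jy moet akkrediteer om toegang tot die bestaande AD te verkry"), which reads as "you must accredit" rather than "you must supply credentials"; suggest "jy moet geloofsbriewe verskaf om toegang tot die bestaande AD te verkry". In the Cloud Directory bullet, "die simpele een" means "the simple-minded one" rather than "the simplest one" ("die eenvoudigste een"), and "gefactureer" is the Dutch spelling ("gefaktureer" in Afrikaans).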
@@ -36,10 +35,9 @@ aws ds get-directory-limits
aws ds list-certificates --directory-id <id>
aws ds describe-certificate --directory-id <id> --certificate-id <id>
```
### Login
Note that if the **description** of the directory contained a **domain** in the field **`AccessUrl`** it's because a **user** can probably **login** with its **AD credentials** in some **AWS services:**
Let daarop dat as die **beskrywing** van die gids 'n **domein** in die veld **`AccessUrl`** bevat, dit is omdat 'n **gebruiker** waarskynlik kan **aanmeld** met sy **AD-akkrediteer** in sommige **AWS-dienste:**
- `<name>.awsapps.com/connect` (Amazon Connect)
- `<name>.awsapps.com/workdocs` (Amazon WorkDocs)
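Review bot: the `describe-certificate` line uses `<id>` for both `--directory-id` and `--certificate-id`, so a reader cannot tell which value goes where; suggest `aws ds describe-certificate --directory-id <directory-id> --certificate-id <certificate-id>`, matching the `<directory-id>` placeholder already used in the WorkDocs enumeration block.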
@@ -57,30 +55,29 @@ Note that if the **description** of the directory contained a **domain** in the
### Using an AD user
An **AD user** can be given **access over the AWS management console** via a Role to assume. The **default username is Admin** and it's possible to **change its password** from AWS console.
'n **AD-gebruiker** kan **toegang oor die AWS-bestuurskonsol** gegee word via 'n Rol om aan te neem. Die **standaard gebruikersnaam is Admin** en dit is moontlik om **sy wagwoord te verander** vanaf die AWS-konsol.
Therefore, it's possible to **change the password of Admin**, **create a new user** or **change the password** of a user and grant that user a Role to maintain access.\
It's also possible to **add a user to a group inside AD** and **give that AD group access to a Role** (to make this persistence more stealth).
Daarom is dit moontlik om **die wagwoord van Admin te verander**, **'n nuwe gebruiker te skep** of **die wagwoord** van 'n gebruiker te verander en daardie gebruiker 'n Rol te gee om toegang te behou.\
Dit is ook moontlik om **'n gebruiker aan 'n groep binne AD toe te voeg** en **daardie AD-groep toegang tot 'n Rol te gee** (om hierdie volharding meer stil te maak).
### Sharing AD (from victim to attacker)
It's possible to share an AD environment from a victim to an attacker. This way the attacker will be able to continue accessing the AD env.\
However, this implies sharing the managed AD and also creating an VPC peering connection.
Dit is moontlik om 'n AD-omgewing van 'n slagoffer na 'n aanvaller te deel. Op hierdie manier sal die aanvaller in staat wees om voort te gaan om toegang tot die AD-omgewing te verkry.\
Dit impliseer egter die deel van die bestuurde AD en ook die skep van 'n VPC-peeringverbinding.
You can find a guide here: [https://docs.aws.amazon.com/directoryservice/latest/admin-guide/step1_setup_networking.html](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/step1_setup_networking.html)
Jy kan 'n gids hier vind: [https://docs.aws.amazon.com/directoryservice/latest/admin-guide/step1_setup_networking.html](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/step1_setup_networking.html)
### ~~Sharing AD (from attacker to victim)~~
It doesn't look like possible to grant AWS access to users from a different AD env to one AWS account.
Dit lyk nie moontlik om AWS-toegang aan gebruikers van 'n ander AD-omgewing te gee nie, na een AWS-rekening.
## WorkDocs
Amazon Web Services (AWS) WorkDocs is a cloud-based **file storage and sharing service**. It is part of the AWS suite of cloud computing services and is designed to provide a secure and scalable solution for organizations to store, share, and collaborate on files and documents.
Amazon Web Services (AWS) WorkDocs is 'n wolk-gebaseerde **lêeropslag en deel diens**. Dit is deel van die AWS-suite van wolkrekenaarsdienste en is ontwerp om 'n veilige en skaalbare oplossing te bied vir organisasies om lêers en dokumente te stoor, te deel en saam te werk.
AWS WorkDocs provides a web-based interface for users to upload, access, and manage their files and documents. It also offers features such as version control, real-time collaboration, and integration with other AWS services and third-party tools.
AWS WorkDocs bied 'n web-gebaseerde koppelvlak vir gebruikers om hul lêers en dokumente op te laai, toegang te verkry en te bestuur. Dit bied ook funksies soos weergawebeheer, regstreekse samewerking, en integrasie met ander AWS-dienste en derdeparty gereedskap.
### Enumeration
```bash
# Get AD users (Admin not included)
aws workdocs describe-users --organization-id <directory-id>
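Review bot: terminology is inconsistent within this translation: "directory" is kept as-is in the Options bullets of the first hunk but becomes "gids" in the Login paragraph ("die beskrywing van die gids"), and "credentials" is again rendered with the verb "akkrediteer" ("sy AD-akkrediteer"); suggest "directory" throughout and "sy AD-geloofsbriewe". Two smaller points: "meer stil" for "more stealth" reads as "quieter" where "meer onopvallend" keeps the sense of evading notice, and the struck-through section's sentence splits its object oddly ("... te gee nie, na een AWS-rekening"); consider "Dit lyk nie moontlik om AWS-toegang tot een AWS-rekening aan gebruikers van 'n ander AD-omgewing te gee nie."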
@@ -109,7 +106,6 @@ aws workdocs describe-resource-permissions --resource-id <value>
aws workdocs add-resource-permissions --resource-id <id> --principals Id=anonymous,Type=ANONYMOUS,Role=VIEWER
## This will give an id, the file will be acesible in: https://<name>.awsapps.com/workdocs/index.html#/share/document/<id>
```
### Privesc
{{#ref}}
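Review bot: the comment on the share-URL line should say plainly what `Id=anonymous,Type=ANONYMOUS,Role=VIEWER` does: the document becomes readable by anyone holding the link, without logging in, which is exactly the kind of permission an access review of WorkDocs should look for; suggest `## Returns a share id; the document is now readable without login by anyone with: https://<name>.awsapps.com/workdocs/index.html#/share/document/<id>`. The same comment also misspells "acesible" ("accessible"), which this pass could fix since the line is being carried over unchanged.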
@@ -117,7 +113,3 @@ aws workdocs add-resource-permissions --resource-id <id> --principals Id=anonymo
{{#endref}}
{{#include ../../../banners/hacktricks-training.md}}