
Terraform Lab: Taking the New VPC Endpoint Condition Keys Out for a Spin

Our new open source Terraform project offers hands-on experience with VPC endpoints and demos AWS's new condition keys for securing EC2 instances

By Lior Zatlavi

AWS recently released two new condition keys that can be used to set very effective guardrails against exfiltration of credentials from EC2 instances, for calls made through VPC endpoints. As we covered in the Tenable Cloud Security blog, this is another major incentive for using VPC endpoints - so we decided to make it easier for you to use them. 

Presenting our open source Terraform project

We’ve created an open source Terraform project, along with a detailed playbook that will provide you with hands-on experience provisioning and using a VPC endpoint to better understand how it works.

In addition, the lab includes a demonstration of how to use the recently released condition keys, which can minimize the fallout when security credentials are exfiltrated from EC2 instances due to misconfigurations - a very common initial access vector for malicious actors.
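To make the guardrail concrete, here is an added sketch (not code from the lab or from Tenable) of a deny policy built on the two keys, `aws:Ec2InstanceSourceVpc` and `aws:Ec2InstanceSourcePrivateIPv4`, compared against the VPC endpoint request keys `aws:SourceVpc` and `aws:VpcSourceIp`. The data source, statement and output names are hypothetical.

```hcl
# Added example, not from the lab repository; all names here are hypothetical.
data "aws_iam_policy_document" "ec2_credential_guardrail" {
  # Credentials issued to an instance in one VPC, used via an endpoint in another.
  statement {
    sid       = "DenyEc2CredsFromOtherVpc"
    effect    = "Deny"
    actions   = ["*"]
    resources = ["*"]
    condition {
      test     = "StringNotEquals"
      variable = "aws:Ec2InstanceSourceVpc"
      values   = ["&{aws:SourceVpc}"] # &{...} renders as an IAM policy variable
    }
    condition {
      test     = "Null" # only applies to credentials issued to an EC2 instance
      variable = "ec2:SourceInstanceArn"
      values   = ["false"]
    }
    condition {
      test     = "BoolIfExists" # skip calls AWS services make on the role's behalf
      variable = "aws:ViaAWSService"
      values   = ["false"]
    }
  }
  statement {
    sid       = "DenyEc2CredsFromOtherPrivateIp"
    effect    = "Deny"
    actions   = ["*"]
    resources = ["*"]
    condition {
      test     = "StringNotEquals"
      variable = "aws:Ec2InstanceSourcePrivateIPv4"
      values   = ["&{aws:VpcSourceIp}"]
    }
    condition {
      test     = "Null"
      variable = "ec2:SourceInstanceArn"
      values   = ["false"]
    }
    condition {
      test     = "BoolIfExists"
      variable = "aws:ViaAWSService"
      values   = ["false"]
    }
  }
}
output "ec2_credential_guardrail_json" {
  value = data.aws_iam_policy_document.ec2_credential_guardrail.json
}
```

The private IP check is paired with the VPC check because private addresses are only unique within a VPC.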

During each step in the playbook, make sure you explore the resources created in the AWS console to make the most of the experience.

Hope you enjoy this resource! 

For any questions, or requests for similar projects - feel free to contact us. 

Lior Zatlavi
Sr. Cloud Security Architect, Tenable Cloud Security