Terraform Lab: Taking the New VPC Endpoint Condition Keys Out for a Spin
Our new open source Terraform project offers hands-on experience with VPC endpoints and demos AWS's new condition keys for securing EC2 instances
By Lior Zatlavi
AWS recently released two new condition keys that can be used to set very effective guardrails against exfiltration of credentials from EC2 instances, for calls made through VPC endpoints. As we covered in the Ermetic blog, this is another major incentive for using VPC endpoints - so we decided to make it easier for you to use them.
We’ve created an open source Terraform project, along with a detailed playbook that will provide you with hands-on experience provisioning and using a VPC endpoint to better understand how it works.
In addition, the lab includes a demonstration of how to use recently-released condition keys that can minimize the fallout from exfiltration of security credentials from EC2 instances due to misconfigurations - a very common initial access vector for malicious actors.
During each step in the playbook, make sure you explore the resources created in the AWS console to make the most of the experience.
Hope you enjoy this resource!
For any questions, or requests for similar projects - feel free to contact us.
Lior Zatlavi
Sr. Cloud Security Architect, Ermetic
[email protected]
