Terraform Lab: Taking the New VPC Endpoint Condition Keys Out for a Spin

Our new open source Terraform project offers hands-on experience with VPC endpoints and demos AWS's new condition keys for securing EC2 instances

By Lior Zatlavi

AWS recently released two new condition keys that can be used to set very effective guardrails against exfiltration of credentials from EC2 instances, for calls made through VPC endpoints. As we covered in the Ermetic blog, this is another major incentive for using VPC endpoints - so we decided to make it easier for you to use them. 

We’ve created an open source Terraform project, along with a detailed playbook that will provide you with hands-on experience provisioning and using a VPC endpoint to better understand how it works.

In addition, the lab includes a demonstration of how to use the recently released condition keys, which can minimize the fallout when security credentials are exfiltrated from EC2 instances due to misconfigurations - a very common initial access vector for malicious actors.

During each step in the playbook, make sure you explore the resources created in the AWS console to make the most of the experience.

Hope you enjoy this resource! 

For any questions, or requests for similar projects - feel free to contact us. 

Lior Zatlavi
Sr. Cloud Security Architect, Ermetic
