Posts tagged cloudtrail

CloudTrail and VPC Endpoints Logging

10 January 2020

Today I learnt that AWS CloudTrail does not log requests that are denied by VPC endpoint policy. The reason for this is that it would allow an attacker to exfiltrate data via CloudTrail and the VPC endpoint outside of the VPC! (For example by sending lots of requests with data you want to extract in the request fields)

Tags
alabaster
arm
autohotkey
aws
bash
boto
cloudformation
cloudtrail
cloudwatch
docker
elasticsearch
electronics
emc
food
gitlab
hardware
iam
internet
jupytr
k8s
kruger
lambda
lenovo
leopard
linux
logstash
lowecase
m5
mitm
networking
nixos
nodejs
opendistro
opensource
pagerduty
philosophy
postfix
python