Shakedown Social

0 posts0 participants0 posts today

Teri RadichelSome Interesting IP Address and VPC Announcements from AWS ~~ How are you currently managing your IP ranges and ASNs? ~~ <a href="https://infosec.exchange/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> <a href="https://infosec.exchange/tags/VPC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VPC</a> <a href="https://infosec.exchange/tags/IP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IP</a> <a href="https://infosec.exchange/tags/NetworkSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NetworkSecurity</a> <a href="https://medium.com/cloud-security/some-interesting-ip-address-and-vpc-announcements-from-aws-7566beb56179" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://medium.com/cloud-security/some-interesting-ip-address-and-vpc-announcements-from-aws-7566beb56179</a>

Lewis Westbury 💛💙🌱Working in <a href="https://mastodon.social/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a>, you may find you need to move your <a href="https://mastodon.social/tags/lambdas" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#lambdas</a> out of the default <a href="https://mastodon.social/tags/VPC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VPC</a> so they can talk to other services, eg. RDS. Granting <a href="https://mastodon.social/tags/internet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#internet</a> access to lambdas in the non-default VPC isn't trivial...💡 Here's a <a href="https://mastodon.social/tags/CloudFormation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudFormation</a> gist with a working solution...➡️ <a href="https://gist.github.com/instantiator/fc433a98bb6a58234602d67a69b3cda7" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://gist.github.com/instantiator/fc433a98bb6a58234602d67a69b3cda7</a><a href="https://mastodon.social/tags/CF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CF</a> <a href="https://mastodon.social/tags/SAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SAM</a> <a href="https://mastodon.social/tags/serverless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#serverless</a> <a href="https://mastodon.social/tags/InternetGateway" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InternetGateway</a> <a href="https://mastodon.social/tags/NAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NAT</a> <a href="https://mastodon.social/tags/NATGateway" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NATGateway</a>

Teri RadichelTroubleshooting <a href="https://infosec.exchange/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> <a href="https://infosec.exchange/tags/VPC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VPC</a> <a href="https://infosec.exchange/tags/Endpoints" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Endpoints</a> ~~ ACM.318 When you cannot access AWS Services or your response time slows down after deploying VPC endpoints and how to fix it ~~ Not sure this is how it’s supposed to work. 🤔 But this fixes it.<a href="https://medium.com/cloud-security/troubleshooting-vpc-endpoints-abf4cf05f1ef" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://medium.com/cloud-security/troubleshooting-vpc-endpoints-abf4cf05f1ef</a>

Teri RadichelCannot Restrict Lambda Actions Based on Private IP Addresses in a Service Control Policy~~ ACM.313 <a href="https://infosec.exchange/tags/IPAddress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IPAddress</a> and <a href="https://infosec.exchange/tags/NotIPAddress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NotIPAddress</a> conditions don’t work for Lambda on Private IP addresses in an <a href="https://infosec.exchange/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> <a href="https://infosec.exchange/tags/SCP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SCP</a> when using a <a href="https://infosec.exchange/tags/VPC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VPC</a> Endpoint ~~<a href="https://medium.com/cloud-security/aws-ip-conditions-in-an-scp-not-working-with-private-ip-ranges-and-lambda-vpc-endpoint-22ff7a7647ca" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://medium.com/cloud-security/aws-ip-conditions-in-an-scp-not-working-with-private-ip-ranges-and-lambda-vpc-endpoint-22ff7a7647ca</a>

Teri RadichelRestricting the Ability to Invoke a Lambda Function to a Private Network ~~ ACM.311 When configuring a VPC is not enough ~~ <a href="https://infosec.exchange/tags/Lambda" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Lambda</a> <a href="https://infosec.exchange/tags/Private" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Private</a> <a href="https://infosec.exchange/tags/Network" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Network</a> <a href="https://infosec.exchange/tags/VPC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VPC</a> <a href="https://infosec.exchange/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> <a href="https://infosec.exchange/tags/Cloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cloud</a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://medium.com/cloud-security/restricting-the-ability-to-invoke-a-lambda-function-to-a-private-network-775461f53fa8" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://medium.com/cloud-security/restricting-the-ability-to-invoke-a-lambda-function-to-a-private-network-775461f53fa8</a>

Teri RadichelTroubleshooting Lambda Networking ~~ ACM.308 Validating private network access and troubleshooting issues access from a private VPC through a NAT ~~ <a href="https://infosec.exchange/tags/lambda" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#lambda</a> <a href="https://infosec.exchange/tags/networking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#networking</a> <a href="https://infosec.exchange/tags/vpc" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vpc</a> <a href="https://infosec.exchange/tags/troubleshooting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#troubleshooting</a> <a href="https://infosec.exchange/tags/aws" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#aws</a> <a href="https://infosec.exchange/tags/cloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cloud</a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://medium.com/cloud-security/troubleshooting-lambda-networking-c6a957746407" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://medium.com/cloud-security/troubleshooting-lambda-networking-c6a957746407</a>

Teri RadichelVPC with a <a href="https://infosec.exchange/tags/NAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NAT</a> and a <a href="https://infosec.exchange/tags/VPC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VPC</a> <a href="https://infosec.exchange/tags/Endpoint" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Endpoint</a> Deployed With <a href="https://infosec.exchange/tags/CloudFormation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudFormation</a> ~~ ACM.276 Allow a <a href="https://infosec.exchange/tags/Lambda" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Lambda</a> function in a private network to access <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHub</a> via a NAT and <a href="https://infosec.exchange/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> <a href="https://infosec.exchange/tags/CodeCommit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CodeCommit</a> via a VPC <a href="https://infosec.exchange/tags/Endpoint" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Endpoint</a> ~~ by Teri Radichel | July 31, 2023 <a href="https://infosec.exchange/tags/Network" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Network</a> <a href="https://infosec.exchange/tags/Cloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cloud</a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a><a href="https://medium.com/cloud-security/vpc-and-nat-and-a-vpcendpoint-deployed-with-cloudformation-229870a3d008" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://medium.com/cloud-security/vpc-and-nat-and-a-vpcendpoint-deployed-with-cloudformation-229870a3d008</a>

Teri RadichelDeploy a Public and Private Subnet in an <a href="https://infosec.exchange/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AWS</a> <a href="https://infosec.exchange/tags/VPC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VPC</a> ~~~ Not simple. And not done. I’ll check in the code when I’m done with the sub-series on deploying a static website in S3. ~~~ by Teri Radichel | July 28, 2023 <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cloudsecurity</a> <a href="https://infosec.exchange/tags/networksecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#networksecurity</a><a href="https://medium.com/cloud-security/deploy-a-public-and-private-subnet-in-an-aws-vpc-41b1b5dd6364" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://medium.com/cloud-security/deploy-a-public-and-private-subnet-in-an-aws-vpc-41b1b5dd6364</a>

Teri RadichelArchitecture with Transit Gateway in an AWS Organization ~ In last few posts in this series I’ve been pondering options for a <a href="https://infosec.exchange/tags/Lambda" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Lambda</a> function in a <a href="https://infosec.exchange/tags/VPC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VPC</a> that needs to reach the Internet via a <a href="https://infosec.exchange/tags/NAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NAT</a> and related concerns. ~~~ by Teri Radichel | Jul 26, 2023 <a href="https://medium.com/cloud-security/architecture-with-transit-gateway-in-an-aws-organization-ee1c218ed469" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://medium.com/cloud-security/architecture-with-transit-gateway-in-an-aws-organization-ee1c218ed469</a>

Recent searches

Search options

Administered by:

Server stats:

#vpc