


In this episode, Meg Ashby, a senior cloud security engineer, shares how her team tackled AWS's centralized VPC interface endpoints, a design often seen as an anti-pattern. She explains how they turned this unconventional approach into a cost-efficient and scalable solution, all while maintaining granular controls and network visibility. She covers why centralized VPC endpoints are considered an AWS anti-pattern, how to implement granular IAM controls in a centralized model, and the challenges of monitoring and detecting VPC endpoint traffic.
Guest Socials: Meg's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:48) A bit about Meg Ashby
(03:44) What are VPC interface endpoints?
(05:26) Egress and Ingress for Private Networks
(08:21) Reason for using VPC endpoints
(14:22) Limitations when using centralised endpoint VPCs
(19:01) Marrying VPC endpoint and IAM policy
(21:34) VPC endpoint specific conditions
(27:52) Is this solution for everyone?
(38:16) Does VPC endpoint have logging?
(41:24) Improvements for the next phase
Thank you to our episode sponsor Wiz. Cloud Security Podcast listeners can also get a free cloud security health scan by going to wiz.io/csp
By Cloud Security Podcast Team