Sign up to save your podcasts
Or
Share Centralized VPC Endpoints - Why It Works for AWS Networking
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Centralized VPC Endpoints - Why It Works for AWS Networking
In this episode, Meg Ashby, a senior cloud security engineer shares how her team tackled AWS’s centralized VPC interface endpoints, a design often seen as an anti-pattern. She explains how they turned this unconventional approach into a cost-efficient and scalable solution, all while maintaining granular controls and network visibility. She shares why centralized VPC endpoints are considered an AWS anti-pattern, how to implement granular IAM controls in a centralized model and the challenges of monitoring and detecting VPC endpoint traffic.
Guest Socials: Meg's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:48) A bit about Meg Ashby
(03:44) What is VPC interface endpoints?
(05:26) Egress and Ingress for Private Networks
(08:21) Reason for using VPC endpoints
(14:22) Limitations when using centralised endpoint VPCs
(19:01) Marrying VPC endpoint and IAM policy
(21:34) VPC endpoint specific conditions
(27:52) Is this solution for everyone?
(38:16) Does VPC endpoint have logging?
(41:24) Improvements for the next phase
Thank you to our episode sponsor Wiz. Cloud Security Podcast listeners can also get a free cloud security health scan by going to wiz.io/csp
View all episodes
By Cloud Security Podcast Team
5
5656 ratings
In this episode, Meg Ashby, a senior cloud security engineer shares how her team tackled AWS’s centralized VPC interface endpoints, a design often seen as an anti-pattern. She explains how they turned this unconventional approach into a cost-efficient and scalable solution, all while maintaining granular controls and network visibility. She shares why centralized VPC endpoints are considered an AWS anti-pattern, how to implement granular IAM controls in a centralized model and the challenges of monitoring and detecting VPC endpoint traffic.
Guest Socials: Meg's Linkedin
Podcast Twitter - @CloudSecPod
If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:
- Cloud Security Podcast- Youtube
- Cloud Security Newsletter
- Cloud Security BootCamp
Questions asked:
(00:00) Introduction
(02:48) A bit about Meg Ashby
(03:44) What is VPC interface endpoints?
(05:26) Egress and Ingress for Private Networks
(08:21) Reason for using VPC endpoints
(14:22) Limitations when using centralised endpoint VPCs
(19:01) Marrying VPC endpoint and IAM policy
(21:34) VPC endpoint specific conditions
(27:52) Is this solution for everyone?
(38:16) Does VPC endpoint have logging?
(41:24) Improvements for the next phase
Thank you to our episode sponsor Wiz. Cloud Security Podcast listeners can also get a free cloud security health scan by going to wiz.io/csp
More shows like Cloud Security Podcast
View all
Risky Business
365 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
626 Listeners
The Cloudcast
152 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
366 Listeners
CyberWire Daily
1,009 Listeners
AWS Podcast
202 Listeners
Darknet Diaries
7,879 Listeners
Cybersecurity Today
166 Listeners
Kubernetes Podcast from Google
181 Listeners
CISO Series Podcast
189 Listeners
Practical AI
192 Listeners
Defense in Depth
74 Listeners
Cyber Security Headlines
127 Listeners
Cloud Security Podcast by Google
38 Listeners
Risky Bulletin
43 Listeners