AWS DNS Firewall
How to prevent data exfiltration via DNS tunneling.
AWS makes several features and services available so that the customer can effectively construct
layered security in their environment.
However, a few years ago, it was not possible to control DNS queries originating from the VPC
natively, so the customer needed to plan the security of their network architecture with
third-party solutions in order to fill that gap.
VPC S3 Endpoint with a Custom Policy
Today, we will explore the basic concepts of the VPC endpoint for S3, its different types and
how they differ, and most importantly, how to configure an S3 endpoint policy to limit
which buckets your services can communicate with.
AWS Service Control Policies (SCPs)
Service control policies are used as guardrails, or to set limits from a central location (AWS
Organizations). You can use SCPs to define the maximum permissions allowed to accounts belonging
to your organization.