CloudTrail and VPC Endpoints Logging
- 10 January 2020
Today I learnt that AWS CloudTrail does not log requests that are denied by a VPC endpoint policy. The reason for this is that logging them would allow an attacker to exfiltrate data via CloudTrail and the VPC endpoint to outside of the VPC (for example, by sending lots of requests with the data you want to extract placed in the request fields).