The Cloud Conformity VPC Endpoint Exposed check brought my attention to this one, as I think they have a bug in this check: https://www.cloudconformity.com/knowledge-base/aws/VPC/endpoint-exposed.html There are two types of VPC endpoint: Interface and Gateway (S3, DynamoDB). What is suggested in the above link applies only to Interface endpoints, not to Gateway endpoints. As … Continue reading Endpoint policies for gateway endpoints
Can AWS default VPC be deleted? I checked the AWS documentation, and it seems the following two contradict each other. So I opened a ticket with AWS, and here is their answer: Technically yes, you can delete default VPCs and create a non-default VPC. Some services such as CloudFormer to create CloudFormation templates do searches … Continue reading Can AWS default VPC be deleted?