AWS Services Connecting to Regions Outside My Selected Region

How to test to see if traffic is staying in the region you selected

Teri Radichel
Published in Cloud Security
Oct 29, 2024


More than once now I’ve had things fail because something in the AWS console is connecting to something outside my selected region. How do I know this?

Identifying traffic using the published AWS IP ranges

Because I have a very restrictive IP list and domain list in my firewall. I only allow things in the AWS JSON IP list and I would hope that anything in the AWS console would be in this list:

Unfortunately I just wrote about how some IPs used by AWS Session Manager were not in the JSON IP list when I wrote this post — hopefully that has been fixed.
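One way to run the check described above, as an added example that is not code from the original post: match destination IPs from firewall logs against the published list and report whether each falls in the selected region, another region, or outside the list entirely. The embedded data is a constructed sample in the layout of `ip-ranges.json` using documentation prefixes, and the function names and the `us-east-2` selection are assumptions.

```python
import ipaddress
import json

# Constructed sample in the layout of AWS's published ip-ranges.json
# (https://ip-ranges.amazonaws.com/ip-ranges.json). The prefixes are
# documentation ranges (RFC 5737 / RFC 3849), not real AWS allocations.
SAMPLE_RANGES = json.loads("""
{
  "prefixes": [
    {"ip_prefix": "192.0.2.0/24", "region": "us-east-2", "service": "AMAZON"},
    {"ip_prefix": "192.0.2.128/25", "region": "us-east-2", "service": "EC2"},
    {"ip_prefix": "198.51.100.0/24", "region": "us-east-1", "service": "AMAZON"},
    {"ip_prefix": "203.0.113.0/25", "region": "GLOBAL", "service": "CLOUDFRONT"}
  ],
  "ipv6_prefixes": [
    {"ipv6_prefix": "2001:db8:1000::/40", "region": "eu-west-1", "service": "AMAZON"}
  ]
}
""")

def load_networks(ranges):
    """Flatten IPv4 and IPv6 entries into (network, region, service) tuples."""
    nets = []
    for e in ranges.get("prefixes", []):
        nets.append((ipaddress.ip_network(e["ip_prefix"]), e["region"], e["service"]))
    for e in ranges.get("ipv6_prefixes", []):
        nets.append((ipaddress.ip_network(e["ipv6_prefix"]), e["region"], e["service"]))
    return nets

def classify(ip, nets, selected_region):
    """Return (verdict, regions, services) for one destination address."""
    addr = ipaddress.ip_address(ip)
    hits = [(r, s) for n, r, s in nets if n.version == addr.version and addr in n]
    if not hits:
        # Not covered by any published prefix: a restrictive allow list drops it
        return ("NOT_IN_AWS_LIST", [], [])
    regions = sorted({r for r, _ in hits})
    services = sorted({s for _, s in hits})
    # GLOBAL entries (edge services) are reported as outside the selected region
    verdict = "IN_SELECTED_REGION" if regions == [selected_region] else "OTHER_REGION"
    return (verdict, regions, services)

if __name__ == "__main__":
    nets = load_networks(SAMPLE_RANGES)
    # Constructed destination IPs, as they might appear in firewall logs
    for ip in ["192.0.2.200", "198.51.100.7", "203.0.113.5", "203.0.113.200", "2001:db8:1000::1"]:
        print(ip, *classify(ip, nets, "us-east-2"))
```

To use it on real traffic, replace `SAMPLE_RANGES` with the parsed contents of the downloaded `ip-ranges.json` and feed in the destination addresses from your own firewall logs.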
