AWS CloudTrail network activity events for VPC endpoints now generally available

Today, I’m happy to announce the general availability of network activity events for Amazon Virtual Private Cloud (Amazon VPC) endpoints in AWS CloudTrail. This feature helps you to record and monitor AWS API activity traversing your VPC endpoints, helping you strengthen your data perimeter and implement better detective controls.

Previously, it was hard to detect potential data exfiltration attempts and unauthorized access to the resources within your network through VPC endpoints. While VPC endpoint policies could be configured to prevent access from external accounts, there was no built-in mechanism to log denied actions or detect when external credentials were used at a VPC endpoint. This often required you to build custom solutions to inspect and analyze TLS traffic, which could be operationally costly and negate the benefits of encrypted communications.

With this new capability, you can now opt in to log all AWS API activity passing through your VPC endpoints. CloudTrail records these events as a new event type called network activity events, which capture both control plane and data plane actions passing through a VPC endpoint.

Network activity events in CloudTrail provide several key benefits:

  • Comprehensive visibility – Log all API activity traversing VPC endpoints, regardless of the AWS account initiating the action.
  • External credential detection – Identify when credentials from outside your organization are accessing your VPC endpoint.
  • Data exfiltration prevention – Detect and investigate potential unauthorized data movement attempts.
  • Enhanced security monitoring – Gain insights into all AWS API activity at your VPC endpoints without the need to decrypt TLS traffic.
  • Visibility for regulatory compliance – Improve your ability to meet regulatory requirements by tracking all API activity passing through your VPC endpoints.

Getting started with network activity events for VPC endpoint logging
To enable network activity events, I go to the AWS CloudTrail console and choose Trails in the navigation pane. I choose Create trail to create a new one. I enter a name in the Trail name field and choose an Amazon Simple Storage Service (Amazon S3) bucket to store the event logs. When I create a trail in CloudTrail, I can specify an existing Amazon S3 bucket or create a new bucket to store my trail’s event logs.

If you set Log file SSE-KMS encryption to Enabled, you have two options: choose New to create a new AWS Key Management Service (AWS KMS) key, or choose Existing to select an existing KMS key. If you chose New, you need to type an alias in the AWS KMS alias field. CloudTrail encrypts your log files with this KMS key and adds the required key policy for you. The KMS key and the Amazon S3 bucket must be in the same AWS Region. For this example, I use an existing KMS key. I enter the alias in the AWS KMS alias field and leave the rest as default for this demo. I choose Next for the next step.

In the Choose log events step, I choose Network activity events under Events. I choose the event source from the list of AWS services, such as cloudtrail.amazonaws.com, ec2.amazonaws.com, kms.amazonaws.com, s3.amazonaws.com, and secretsmanager.amazonaws.com. I add two network activity event sources for this demo. For the first source, I select the ec2.amazonaws.com option. For Log selector template, I can use templates for common use cases or create fine-grained filters for specific scenarios. For example, to log all API activity traversing the VPC endpoint, I can choose the Log all events template. Here I choose the Log network activity access denied events template to log only access denied events. Optionally, I can enter a name in the Selector name field to identify the log selector template, such as Include network activity events for Amazon EC2.

As a second example, I choose Custom to create custom filters on multiple fields, such as eventName and vpcEndpointId. I can specify specific VPC endpoint IDs or filter the results to include only the VPC endpoints that match specific criteria. For Advanced event selectors, I choose vpcEndpointId from the Field dropdown, choose equals as Operator, and enter the VPC endpoint ID. When I expand the JSON view, I can see my event selectors as a JSON block. I choose Next and after reviewing the selections, I choose Create trail.
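The two selectors configured above, expressed as the advanced event selector JSON that `aws cloudtrail put-event-selectors --advanced-event-selectors` accepts. This is an added example, not code from the AWS post; the `eventCategory`, `eventSource`, `errorCode` and `vpcEndpointId` field names follow the CloudTrail advanced event selector schema, and the VPC endpoint ID is a constructed placeholder.

```python
"""Build CloudTrail advanced event selectors for network activity events.

Added example, not from the AWS post. One selector mirrors the
'Log network activity access denied events' template for Amazon EC2; the
other mirrors the custom selector that pins a single vpcEndpointId.
"""
import json

VPCE_ID = "vpce-0123456789abcdef0"  # constructed placeholder, not a real endpoint


def access_denied_selector(event_source: str, name: str) -> dict:
    """Selector equivalent to the 'Log network activity access denied events' template."""
    return {
        "Name": name,
        "FieldSelectors": [
            {"Field": "eventCategory", "Equals": ["NetworkActivity"]},
            {"Field": "eventSource", "Equals": [event_source]},
            # VpceAccessDenied is the error code CloudTrail documents for calls
            # that the VPC endpoint policy rejected.
            {"Field": "errorCode", "Equals": ["VpceAccessDenied"]},
        ],
    }


def endpoint_selector(event_source: str, vpce_ids: list, name: str) -> dict:
    """Custom selector: all network activity for one source at specific endpoints."""
    return {
        "Name": name,
        "FieldSelectors": [
            {"Field": "eventCategory", "Equals": ["NetworkActivity"]},
            {"Field": "eventSource", "Equals": [event_source]},
            {"Field": "vpcEndpointId", "Equals": list(vpce_ids)},
        ],
    }


def build_selectors() -> list:
    """The two selectors from the console walkthrough, ready to pass to the CLI."""
    return [
        access_denied_selector("ec2.amazonaws.com", "Include network activity events for Amazon EC2"),
        endpoint_selector("s3.amazonaws.com", [VPCE_ID], "S3 activity at one VPC endpoint"),
    ]


def validate(selectors: list) -> bool:
    """Each network activity selector must pin eventCategory and name exactly one eventSource."""
    for sel in selectors:
        fields = {f["Field"]: f for f in sel["FieldSelectors"]}
        if fields.get("eventCategory", {}).get("Equals") != ["NetworkActivity"]:
            return False
        if len(fields.get("eventSource", {}).get("Equals", [])) != 1:
            return False
    return True


if __name__ == "__main__":
    print(json.dumps(build_selectors(), indent=2))
```

Save the printed JSON to a file and pass it with `--advanced-event-selectors file://selectors.json` on the trail you created.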

After it’s configured, CloudTrail begins logging network activity events for my VPC endpoints, and I can analyze and act on this data. To analyze CloudTrail network activity events, you can use the CloudTrail console, the AWS Command Line Interface (AWS CLI), or an AWS SDK to retrieve the relevant logs. You can also use CloudTrail Lake to capture, store, and analyze your network activity events. If you are using trails, you can use Amazon Athena to query and filter these events based on specific criteria. Regular analysis of these events can help you maintain security, comply with regulations, and optimize your network infrastructure in AWS.
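A small triage pass over delivered network activity events, as an added example that is not part of the AWS post. It flags the two conditions the post calls out, a call made with credentials from an account outside your organization and a call the endpoint policy denied. The sample records are constructed and simplified to the fields the post discusses plus the standard `userIdentity.accountId`, `recipientAccountId` and `errorCode` fields; the account and endpoint IDs are placeholders.

```python
"""Triage CloudTrail network activity events from a trail's log files.

Added example, not from the AWS post. The records below are constructed
samples, not real CloudTrail output, and carry only the fields this check needs.
"""
import json

ORG_ACCOUNTS = {"111111111111", "222222222222"}  # constructed: accounts in our org

SAMPLE_EVENTS = [  # constructed sample records
    {"eventCategory": "NetworkActivity", "eventSource": "s3.amazonaws.com",
     "eventName": "GetObject", "vpcEndpointId": "vpce-0123456789abcdef0",
     "userIdentity": {"accountId": "111111111111"}, "recipientAccountId": "111111111111"},
    {"eventCategory": "NetworkActivity", "eventSource": "s3.amazonaws.com",
     "eventName": "PutObject", "vpcEndpointId": "vpce-0123456789abcdef0",
     "userIdentity": {"accountId": "999999999999"}, "recipientAccountId": "111111111111"},
    {"eventCategory": "NetworkActivity", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "vpcEndpointId": "vpce-0fedcba9876543210",
     "userIdentity": {"accountId": "333333333333"}, "recipientAccountId": "111111111111",
     "errorCode": "VpceAccessDenied"},
]


def triage(events, org_accounts):
    """Return (finding, event) pairs; records that are not network activity are ignored."""
    findings = []
    for ev in events:
        if ev.get("eventCategory") != "NetworkActivity":
            continue
        caller = ev.get("userIdentity", {}).get("accountId")
        if caller not in org_accounts:  # credentials from outside the organization
            findings.append(("external_credentials", ev))
        if ev.get("errorCode"):  # endpoint policy rejected the call
            findings.append(("access_denied", ev))
    return findings


def summarize(events, org_accounts):
    """Count findings per (type, vpcEndpointId), e.g. to feed an alert threshold."""
    counts = {}
    for kind, ev in triage(events, org_accounts):
        key = (kind, ev["vpcEndpointId"])
        counts[key] = counts.get(key, 0) + 1
    return counts


if __name__ == "__main__":
    for kind, ev in triage(SAMPLE_EVENTS, ORG_ACCOUNTS):
        print(kind, json.dumps(ev, separators=(",", ":")))
```

In production, load the `Records` array from each gzipped log file the trail writes to the S3 bucket and feed it to `triage` with your organization's account list.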

Now available
CloudTrail network activity events for VPC endpoint logging provide you with a powerful tool to enhance your security posture, detect potential threats, and gain deeper insights into your VPC network traffic. This feature addresses your critical needs for comprehensive visibility and control over your AWS environments.

Network activity events for VPC endpoints are available in all commercial AWS Regions.

For pricing information, visit AWS CloudTrail pricing.

To get started with CloudTrail network activity events, visit AWS CloudTrail. For more information on CloudTrail and its features, refer to the AWS CloudTrail documentation.

— Esra
