Hi everyone, just a quick question. Since for tls ...
# general
j
Hi everyone, just a quick question. Since authentication and enrollment are needed for TLS mode, is it possible to do this on a Lambda function? I am asking this because I am trying to use Lambda as a central management server where it can query the endpoints. Please do let me know if it does not make sense to do this. Just exploring options. Thanks!
s
Yes, there are several ways you could make this work.
The general flow here is that osquery enrolls using a secret from the local machine. The TLS endpoint returns a node key. This node key is used for all subsequent queries.
There are many ways you could do that in AWS Lambda.
* You record node keys in some backing store.
* You could issue something like a signed JWT
* Probably more
Depends a lot on your goals