#general

Jason NG

06/30/2021, 1:29 AM
Hi everyone, just a quick question. Since authentication and enrollment are needed for TLS mode, is it possible to do this on a Lambda function? I am asking this because I am trying to use Lambda as a central management server where it can query the endpoints. Please do let me know if it does not make sense to do this. Just exploring options. Thanks!

seph

06/30/2021, 1:19 PM
Yes, there are several ways you could make this work.
The general flow here is that osquery enrolls using a secret from the local machine. The TLS endpoint returns a node key. This node key is used for all subsequent queries.
There are many ways you could do that in AWS Lambda.
* You record node keys in some backing store.
* You could issue something like a signed JWT
* Probably more
Depends a lot on your goals