This rule requires that EC2 instances left in the stopped state be removed within 30 days.

| Rule | EC2 stopped instances should be removed in 30 days |
| Framework | CISA-cyber-essentials |
| Severity | ✔ Low |
EC2 Stopped Instances Removal Policy for CISA Cyber Essentials
Rule Description
As part of the CISA Cyber Essentials framework, EC2 instances that have been stopped for more than 30 days must be removed. This rule helps maintain a secure and efficient AWS environment by properly managing unused resources, reducing potential security risks, and minimizing unnecessary costs.
Troubleshooting Steps (if applicable)
N/A
Necessary Code (if applicable)
N/A
Step-by-Step Guide for Remediation
1. Identify Stopped EC2 Instances
2. Filter Stopped Instances
3. Identify Instances Older Than 30 Days
4. Verify Instance Status
5. Take Note of Instance Details (if required)
6. Terminate the Stopped Instance
7. Repeat Steps 3-6 for Other Instances
8. Documentation (optional)
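Steps 1 to 4 can be scripted. The following is an added example, not code from the rule's author: it assumes the input is the JSON returned by `aws ec2 describe-instances --filters Name=instance-state-name,Values=stopped` and reads the stop time from each instance's `StateTransitionReason`; the instance IDs and timestamps in `SAMPLE` are constructed.

```python
import re
from datetime import datetime, timedelta, timezone

# A user-initiated stop sets StateTransitionReason to a string such as
# "User initiated (2024-01-05 09:30:00 GMT)". Other stop causes may omit the time.
_TS = re.compile(r"\((\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) GMT\)")

def stopped_since(instance):
    """Return the stop time (UTC) parsed from StateTransitionReason, or None."""
    m = _TS.search(instance.get("StateTransitionReason") or "")
    if not m:
        return None
    return datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S").replace(tzinfo=timezone.utc)

def classify(response, now, max_age_days=30):
    """Return (overdue, unknown) instance-ID lists for a describe-instances response."""
    cutoff = now - timedelta(days=max_age_days)
    overdue, unknown = [], []
    for reservation in response.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            if inst.get("State", {}).get("Name") != "stopped":
                continue  # step 4: confirm the instance is still stopped
            ts = stopped_since(inst)
            if ts is None:
                unknown.append(inst["InstanceId"])   # no timestamp: review by hand
            elif ts < cutoff:
                overdue.append(inst["InstanceId"])   # stopped for more than 30 days
    return overdue, unknown

def _inst(iid, state, reason):
    return {"InstanceId": iid, "State": {"Name": state}, "StateTransitionReason": reason}

# Constructed sample response; IDs and times are illustrative only.
SAMPLE = {"Reservations": [{"Instances": [
    _inst("i-0aaaaaaaaaaaaaaa1", "stopped", "User initiated (2024-01-05 09:30:00 GMT)"),
    _inst("i-0bbbbbbbbbbbbbbb2", "stopped", "User initiated (2024-02-20 18:00:00 GMT)"),
    _inst("i-0ccccccccccccccc3", "stopped", ""),
    _inst("i-0ddddddddddddddd4", "running", ""),
]}]}
NOW = datetime(2024, 3, 1, tzinfo=timezone.utc)  # fixed so the result is reproducible

if __name__ == "__main__":
    overdue, unknown = classify(SAMPLE, NOW)
    print("terminate candidates:", overdue)
    print("stop time unknown, check manually:", unknown)
```

Instances in the `unknown` list have no parseable stop time, so their age has to be confirmed from another record before step 6.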
Conclusion
By following this AWS EC2 stopped instances removal policy, you ensure compliance with the CISA Cyber Essentials framework. Regularly removing stopped instances that exceed the 30-day threshold helps maintain an efficient and secure AWS environment.