Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Rule: VPC Subnet Auto Assign Public IP Should Be Disabled

This rule ensures that VPC subnets do not automatically assign public IP addresses, enhancing network security.

RuleVPC subnet auto assign public IP should be disabled
FrameworkFedRAMP Low Revision 4
Severity
Medium

Rule Description

The VPC subnet auto assign public IP feature should be disabled for FedRAMP Low Revision 4 compliance. This rule ensures that instances within the Amazon Virtual Private Cloud (VPC) do not automatically receive a public IP address. By disabling this feature, instances are only assigned a private IP address, thus reducing the attack surface and potential exposure to the public network.

Remediation Steps

To comply with the FedRAMP Low Revision 4 requirements, the VPC subnet auto assign public IP feature needs to be disabled. Below are step-by-step instructions to remediate this issue.

Step 1: Access the AWS Management Console

Login to the AWS Management Console using appropriate credentials.

Step 2: Navigate to VPC Dashboard

Go to the VPC Dashboard by clicking on the "Services" dropdown, selecting "VPC" under the "Networking & Content Delivery" section.

Step 3: Select the VPC

In the VPC Dashboard, select the VPC that needs to be configured.

Step 4: Navigate to Subnets

Click on "Subnets" in the left navigation pane to view the list of subnets within the selected VPC.

Step 5: Select the desired Subnet

Identify the specific subnet where the VPC subnet auto assign public IP feature should be disabled.

Step 6: Modify Subnet Attributes

Right-click on the selected subnet and choose "Modify auto-assign IP settings" from the context menu.

Step 7: Disable Auto-Assign Public IP

In the "Modify auto-assign IP settings" window, uncheck the box for "Auto-assign public IPv4 address".

Step 8: Save Changes

Click on the "Save" button to apply the changes to the subnet.

Troubleshooting Steps

There are no specific troubleshooting steps for this rule as it involves a straightforward configuration change. However, if there are any issues encountered during the process, ensure the following:

  • Verify that you have the necessary permissions to modify VPC configurations.
  • Double-check that the correct subnet has been selected for modification.
  • In case of any error messages, refer to the AWS documentation or seek assistance from AWS support.

Please note that remediation steps might vary slightly depending on specific AWS regions or updates to the AWS Management Console UI, but the general process remains the same.

Is your System Free of Underlying Vulnerabilities?
Find Out Now