Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Rule: EC2 Instance Detailed Monitoring Should Be Enabled

This rule mandates enabling detailed monitoring for EC2 instances.

RuleEC2 instance detailed monitoring should be enabled
FrameworkFedRAMP Moderate Revision 4
Severity
Medium

Rule Description:

Enabling detailed monitoring for Amazon EC2 instances is a requirement for ensuring compliance with the FedRAMP (Federal Risk and Authorization Management Program) Moderate Revision 4 security standard. Detailed monitoring provides more frequent and granular monitoring of EC2 instances, enhancing visibility into the system's performance and enabling better troubleshooting and analysis.

Troubleshooting Steps:

If detailed monitoring is not yet enabled for the EC2 instances, follow the steps below to enable it:

  1. 1.

    Identify the EC2 instances: Determine which EC2 instances need to have detailed monitoring enabled.

  2. 2.

    Access the EC2 Management Console: Log in to the AWS Management Console and navigate to the EC2 dashboard.

  3. 3.

    Enable detailed monitoring: Select the desired EC2 instance and click on the "Actions" button. From the dropdown menu, choose "Monitor and troubleshoot," and then click on "Enable detailed monitoring."

  4. 4.

    Configure monitoring settings: Follow the prompts to specify the desired monitoring interval and other settings. It is recommended to set the monitoring interval to 1 minute for better visibility. Click on "Configure monitoring" to save the settings.

  5. 5.

    Verify and repeat: Check if the detailed monitoring is enabled successfully by selecting the EC2 instance and viewing the monitoring details. Repeat these steps for any other instances that require detailed monitoring.

Code:

There is no specific code snippet required for enabling detailed monitoring in this case. The process can be accomplished through the AWS Management Console.

Remediation Guide:

  1. 1.

    Log in to the AWS Management Console using your credentials.

  2. 2.

    Navigate to the EC2 service.

  3. 3.

    Identify the EC2 instances for which detailed monitoring should be enabled.

  4. 4.

    Select the desired EC2 instance by clicking on it.

  5. 5.

    Click on the "Actions" button in the top navigation menu.

  6. 6.

    From the dropdown menu, select "Monitor and troubleshoot."

  7. 7.

    Click on "Enable detailed monitoring."

  8. 8.

    Follow the prompts to configure the monitoring settings.

  9. 9.

    Specify the desired monitoring interval, such as 1 minute, for enhanced visibility.

  10. 10.

    Click on "Configure monitoring" to save the settings.

  11. 11.

    Verify the successful enabling of detailed monitoring by selecting the EC2 instance and checking the monitoring details.

  12. 12.

    Repeat the above steps for any other EC2 instances that require detailed monitoring.

Enabling detailed monitoring for EC2 instances helps to meet the compliance requirements of FedRAMP Moderate Revision 4. It strengthens the monitoring capabilities and enhances the overall security posture of the system.

Is your System Free of Underlying Vulnerabilities?
Find Out Now