
Rule: EC2 Instances Should Be in a VPC

This rule ensures all EC2 instances are in a VPC for security and network isolation.

Rule: EC2 instances should be in a VPC
Framework: GxP 21 CFR Part 11
Severity: High

Rule Description

According to the GxP 21 CFR Part 11 regulations, all EC2 instances should be launched within a Virtual Private Cloud (VPC). The VPC provides a secure and isolated network environment for EC2 instances, ensuring data integrity, confidentiality, and compliance with GxP regulations.

Troubleshooting Steps (if applicable)

  1. Verify whether the EC2 instance is already launched in a VPC.
  2. If the EC2 instance is not in a VPC, proceed with the remediation steps.

Remediation Steps

  1. Log in to the AWS Management Console.
  2. Navigate to the EC2 Dashboard.

Creating a new VPC

  1. Click the "Create VPC" button.
  2. In the "Name tag" field, provide an identifiable name for the VPC.
  3. Define the "CIDR block" for the VPC. Ensure the CIDR block does not overlap with any existing VPCs or IP ranges.
  4. Choose the tenancy option (Shared or Dedicated) based on your requirements.
  5. Click the "Create VPC" button to create the new VPC.

Configuring EC2 Instance

  1. Select the desired EC2 instance from the list or launch a new instance.
  2. In the "Configure Instance Details" section, select the newly created VPC under the "Network" dropdown menu.
  3. Choose the desired subnet within the VPC or create a new subnet within the VPC.
  4. Complete the remaining instance configuration details such as instance type, storage, security groups, etc.
  5. Review the configuration and click the "Launch" button to launch the EC2 instance.

Verifying VPC Association

  1. Once the EC2 instance is launched, go to the EC2 Dashboard.
  2. Navigate to the "Instances" section and find the instance launched in the previous step.
  3. In the "Network Interfaces" section of the selected instance, verify that the VPC and subnet are correctly associated.
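The same check as the troubleshooting step ("verify whether the instance is already in a VPC") and the verification above can be done programmatically across a whole account rather than instance by instance in the console. The script below is an added example, not Cloud Defense's own rule logic: it evaluates a dict shaped like the response of boto3's `ec2.describe_instances()` and flags instances that carry no `VpcId` (instances launched outside a VPC have none in that response). The sample response embedded in it is constructed for illustration; the instance, VPC and subnet IDs are not real.

```python
"""Flag EC2 instances that are not associated with a VPC.

Added example (not Cloud Defense's own check). Operates on a dict in the shape
of boto3's ec2.describe_instances() response. An instance launched outside a
VPC has no "VpcId" key in that response, which is the signal this check uses.
"""

# Constructed sample in the shape of describe_instances(); IDs are made up.
SAMPLE_RESPONSE = {
    "Reservations": [
        {"Instances": [
            {"InstanceId": "i-0aaa111example", "State": {"Name": "running"},
             "VpcId": "vpc-0123example", "SubnetId": "subnet-0456example"},
            # No VpcId/SubnetId: this is the non-compliant case the rule targets.
            {"InstanceId": "i-0bbb222example", "State": {"Name": "running"}},
        ]},
        {"Instances": [
            # Terminated instances are skipped; they no longer hold a network position.
            {"InstanceId": "i-0ccc333example", "State": {"Name": "terminated"}},
        ]},
    ]
}


def iter_instances(response):
    """Flatten the Reservations -> Instances nesting into one iterator."""
    for reservation in response.get("Reservations", []):
        for instance in reservation.get("Instances", []):
            yield instance


def evaluate(response, ignore_states=("terminated", "shutting-down")):
    """Return one finding per evaluated instance with a compliance verdict."""
    findings = []
    for inst in iter_instances(response):
        state = inst.get("State", {}).get("Name")
        if state in ignore_states:
            continue
        vpc_id = inst.get("VpcId")  # absent when the instance is not in a VPC
        findings.append({
            "InstanceId": inst["InstanceId"],
            "VpcId": vpc_id,
            "SubnetId": inst.get("SubnetId"),
            "compliant": vpc_id is not None,
        })
    return findings


def non_compliant_ids(response):
    """Instance IDs that fail the rule (no VPC association)."""
    return [f["InstanceId"] for f in evaluate(response) if not f["compliant"]]


def report(response):
    """Print a PASS/FAIL line per instance with its VPC and subnet IDs."""
    for f in evaluate(response):
        verdict = "PASS" if f["compliant"] else "FAIL"
        print(f"{verdict} {f['InstanceId']} vpc={f['VpcId']} subnet={f['SubnetId']}")


if __name__ == "__main__":
    # With boto3 installed and credentials configured, replace SAMPLE_RESPONSE
    # with boto3.client("ec2").describe_instances() (paginate for large fleets).
    report(SAMPLE_RESPONSE)
```

Because the verdict is derived from the API response rather than a console screenshot, the `report` output doubles as audit evidence for the framework check. Note that AWS retired EC2-Classic in 2022, so instances without a `VpcId` should be rare in current accounts; the check is still worth running as a standing control, and the same structure extends naturally to recording which VPC and subnet each instance sits in.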

Troubleshooting (if applicable)

If the EC2 instance fails to launch or connect to the VPC, verify the following:

  1. Ensure the VPC and subnet IDs specified during instance launch are correct.
  2. Check that the security group assigned to the instance allows the necessary inbound/outbound connections.
  3. Ensure there are no conflicts with IP ranges or CIDR blocks.
  4. Verify that the VPC's route table is properly configured to allow traffic to and from the internet or other necessary resources.

If the issue persists, consult AWS documentation or reach out to AWS support for further assistance.
