This rule ensures that EC2 instance detailed monitoring is enabled to meet compliance standards.
Rule | EC2 instance detailed monitoring should be enabled |
Framework | NIST Cybersecurity Framework (CSF) v1.1 |
Severity | ✔ Medium |
Rule: Enable detailed monitoring for EC2 instances as per NIST CSF v1
Description:
Enabling detailed monitoring for Amazon Elastic Compute Cloud (EC2) instances is a vital security measure to comply with the NIST Cybersecurity Framework (CSF) version 1. Detailed monitoring provides enhanced visibility into the performance and operational aspects of EC2 instances, allowing for better resource utilization, troubleshooting, and analysis of potential security incidents.
Troubleshooting Steps:
If you encounter any issues while enabling detailed monitoring for EC2 instances, follow these troubleshooting steps:
Necessary Codes:
No specific codes are required for this rule; however, you may need to execute AWS CLI commands to remediate or verify compliance.
Remediation Steps:
Follow these step-by-step instructions to enable detailed monitoring for an EC2 instance:
CLI Command for Verification:
To verify if detailed monitoring is enabled for an EC2 instance using the AWS CLI, execute the following command:
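aws ec2 describe-instances --instance-ids <your-instance-id> --query "Reservations[].Instances[].Monitoring.State" --output text
Be sure to replace <your-instance-id> with the actual ID of the EC2 instance you want to check. The command prints enabled when detailed monitoring is on and disabled when only basic monitoring is active.
Note: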
Enabling detailed monitoring for EC2 instances may incur additional costs, so review the associated charges against your budget and billing requirements. It is recommended to enable detailed monitoring selectively, for critical instances or while investigating specific issues, rather than enabling it for all instances by default.
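The following is an added example, not part of the original rule page: it extends the single-instance check to every running instance in a region and prints the aws ec2 monitor-instances command for each one that fails the rule. The function names, the APPLY switch, the --live flag and the sample instance IDs are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit a region for this rule and print (or apply) the fix.
# Function names, the APPLY switch and the --live flag are illustrative.

# Emit "<instance-id><TAB><monitoring-state>" for every running instance.
list_monitoring_states() {
  aws ec2 describe-instances \
    --filters Name=instance-state-name,Values=running \
    --query 'Reservations[].Instances[].[InstanceId,Monitoring.State]' \
    --output text
}

# Read that listing on stdin and print the IDs that fail the rule.
# Monitoring.State is disabled, disabling, enabled or pending; "pending"
# means detailed monitoring is being switched on, so it is treated as passing.
noncompliant_ids() {
  awk -F '\t' '$1 ~ /^i-[0-9a-f]+$/ && $2 != "enabled" && $2 != "pending" { print $1 }'
}

# Read instance IDs on stdin. Dry run by default: the commands are only
# printed so the cost impact can be reviewed. APPLY=1 executes them.
remediate() {
  while read -r id; do
    [ -n "$id" ] || continue
    if [ "${APPLY:-0}" = "1" ]; then
      aws ec2 monitor-instances --instance-ids "$id"
    else
      echo "aws ec2 monitor-instances --instance-ids $id"
    fi
  done
}

# Constructed sample listing (not real instances) for offline runs.
sample_listing() {
  printf 'i-0aaa1111bbbb2222c\tenabled\n'
  printf 'i-0ddd3333eeee4444f\tdisabled\n'
  printf 'i-0123456789abcdef0\tpending\n'
  printf 'i-0fedcba9876543210\tdisabling\n'
}

# Query the live account only when asked to; otherwise use the sample.
if [ "${1:-}" = "--live" ]; then
  list_monitoring_states | noncompliant_ids | remediate
else
  sample_listing | noncompliant_ids | remediate
fi
```

Run with --live to audit the configured region, and add APPLY=1 only after reviewing the printed list against the cost note above.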