Rule: EC2 Instance Detailed Monitoring Should Be Enabled

This rule ensures that EC2 instance detailed monitoring is enabled to meet compliance standards.

Rule: EC2 instance detailed monitoring should be enabled
Framework: NIST Cybersecurity Framework (CSF) v1.1
Severity: Medium

Rule: Enable detailed monitoring for EC2 instances as per NIST CSF v1

Description:

Enabling detailed monitoring for Amazon Elastic Compute Cloud (EC2) instances is a vital security measure to comply with the NIST Cybersecurity Framework (CSF) version 1. Detailed monitoring provides enhanced visibility into the performance and operational aspects of EC2 instances, allowing for better resource utilization, troubleshooting, and analysis of potential security incidents.

Troubleshooting Steps:

If you encounter any issues while enabling detailed monitoring for EC2 instances, follow these troubleshooting steps:

  1. Ensure you have the necessary permissions to modify EC2 instance settings.
  2. Verify that the EC2 instance is running and accessible via the AWS Management Console or command-line interface.
  3. Double-check if the instance is in a supported region for detailed monitoring. Not all regions may support this feature.
  4. Validate your AWS CloudWatch agent configuration, as it should be properly installed and up-to-date.
  5. Make sure the instance has internet connectivity to communicate with the CloudWatch service.
  6. Check if a previously enabled detailed monitoring requires a billing adjustment in case you are utilizing AWS Free Tier and exceeding the limits.

Necessary Codes:

No specific codes are required for this rule; however, you may need to execute AWS CLI commands to remediate or verify compliance.

Remediation Steps:

Follow these step-by-step instructions to enable detailed monitoring for an EC2 instance:

  1. Open the AWS Management Console and navigate to the EC2 service.
  2. Select the EC2 instance for which you want to enable detailed monitoring.
  3. Right-click on the instance and choose "Manage Instance".
  4. In the left navigation pane, click on "Monitoring".
  5. Click on the "Enable Detailed Monitoring" button.
  6. Review the additional charges associated with detailed monitoring.
  7. Click on "Enable" to confirm the activation of detailed monitoring.
  8. Wait for a few minutes to allow the changes to propagate.
  9. Verify if detailed monitoring is enabled by checking the CloudWatch dashboard or using AWS CLI commands.

CLI Command for Verification:

To verify if detailed monitoring is enabled for an EC2 instance using the AWS CLI, execute the following command:

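aws ec2 describe-instances --instance-ids <your-instance-id> --query 'Reservations[].Instances[].Monitoring.State' --output text

Replace <your-instance-id> with the actual ID of the EC2 instance you want to check. The command prints the instance's monitoring state; a value of enabled means detailed monitoring is on.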

Note:

Enabling detailed monitoring for EC2 instances may incur additional costs, so review the associated charges and make sure they fit your budget and billing requirements. It is recommended to enable detailed monitoring selectively, for critical instances or while investigating specific issues, rather than enabling it by default for all instances.
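
To check a whole fleet rather than one instance, the following added example (not part of the original rule or of any vendor tooling) audits the JSON that `aws ec2 describe-instances` returns and lists instances whose monitoring state is not `enabled`, optionally limited to instances marked critical, in line with the note above. The `Criticality` tag name and the sample instance IDs are assumptions made up for illustration.

```python
import json

# Constructed sample in the shape `aws ec2 describe-instances` returns (not real data).
SAMPLE = """
{"Reservations": [
  {"Instances": [
    {"InstanceId": "i-0aaa111122223333a", "State": {"Name": "running"},
     "Monitoring": {"State": "enabled"}, "Tags": [{"Key": "Criticality", "Value": "high"}]},
    {"InstanceId": "i-0bbb111122223333b", "State": {"Name": "running"},
     "Monitoring": {"State": "disabled"}, "Tags": [{"Key": "Criticality", "Value": "high"}]}
  ]},
  {"Instances": [
    {"InstanceId": "i-0ccc111122223333c", "State": {"Name": "running"},
     "Monitoring": {"State": "disabled"}},
    {"InstanceId": "i-0ddd111122223333d", "State": {"Name": "terminated"},
     "Monitoring": {"State": "disabled"}, "Tags": [{"Key": "Criticality", "Value": "high"}]},
    {"InstanceId": "i-0eee111122223333e", "State": {"Name": "stopped"},
     "Monitoring": {"State": "pending"}, "Tags": [{"Key": "Criticality", "Value": "high"}]}
  ]}
]}
"""

def noncompliant(doc, tag_key=None, tag_value=None):
    """Return (instance_id, monitoring_state) pairs for in-scope instances failing the rule."""
    findings = []
    for reservation in doc.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            # Terminated instances can no longer be remediated; leave them out.
            if inst.get("State", {}).get("Name") in ("terminated", "shutting-down"):
                continue
            # Optional scope: only instances carrying the given tag (hypothetical tag name).
            tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
            if tag_key is not None and tags.get(tag_key) != tag_value:
                continue
            # Monitoring.State is one of: disabled, disabling, enabled, pending.
            state = inst.get("Monitoring", {}).get("State", "unknown")
            if state != "enabled":
                findings.append((inst["InstanceId"], state))
    return findings

if __name__ == "__main__":
    for instance_id, state in noncompliant(json.loads(SAMPLE), "Criticality", "high"):
        print(f"NON-COMPLIANT {instance_id} monitoring={state}")
```

In practice, replace `SAMPLE` with the output of `aws ec2 describe-instances --output json`; a `pending` state is reported because detailed monitoring is not yet active on that instance.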
