This rule ensures that EC2 instances do not have public IP addresses for enhanced security.
| Rule | EC2 instances should not have a public IP address |
| Framework | SOC 2 |
| Severity | ✔ High |
Rule Description:
In order to comply with SOC 2 standards, EC2 instances should not have a public IP address assigned to them. Having a public IP address on an EC2 instance can expose it to potential security risks, as it allows direct access from the internet. Disabling public IP addresses helps to maintain a secure and controlled environment for sensitive data and systems.
Rule Remediation:
Follow the step-by-step guide below to disable public IP addresses for EC2 instances:
Identify EC2 instances with public IP addresses:
Note down the instance IDs of the EC2 instances with public IP addresses.
Update the security groups associated with the EC2 instances:
Update the instance configuration:
Verify the changes:
Troubleshooting Steps:
Code:
No specific code is necessary for this remediation as it involves configuration changes through the Amazon EC2 Management Console.
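The identification and verification steps above can be checked offline against saved `aws ec2 describe-instances` JSON output. The following is an added example, not part of the original rule page; the function names and the sample data (instance IDs, account ID, documentation-range IPs) are constructed for illustration, and the classification by `IpOwnerId` is an assumption about how EC2 reports auto-assigned versus Elastic IP addresses.

```python
# Constructed sample shaped like `aws ec2 describe-instances` JSON output;
# instance IDs, account ID and documentation-range IPs are made up.
SAMPLE = {"Reservations": [{"Instances": [
    {"InstanceId": "i-0aaa1111example", "State": {"Name": "running"},
     "PublicIpAddress": "203.0.113.10",
     "NetworkInterfaces": [{
         "Association": {"PublicIp": "203.0.113.10", "IpOwnerId": "amazon"},
         "PrivateIpAddresses": [{"PrivateIpAddress": "10.0.1.5"}]}]},
    {"InstanceId": "i-0bbb2222example", "State": {"Name": "running"},
     "NetworkInterfaces": [{"PrivateIpAddresses": [{"PrivateIpAddress": "10.0.2.8"}]}]},
    {"InstanceId": "i-0ccc3333example", "State": {"Name": "stopped"},
     "NetworkInterfaces": [{"PrivateIpAddresses": [
         {"PrivateIpAddress": "10.0.3.4"},
         {"PrivateIpAddress": "10.0.3.9",
          "Association": {"PublicIp": "198.51.100.7", "IpOwnerId": "111122223333"}}]}]},
]}]}


def _associations(instance):
    """Yield every public-IP association, including those on secondary private IPs."""
    for eni in instance.get("NetworkInterfaces", []):
        yield eni.get("Association") or {}
        for private in eni.get("PrivateIpAddresses", []):
            yield private.get("Association") or {}


def find_public_instances(response):
    """Return {instance_id: {public_ip: kind}} for instances that violate the rule."""
    findings = {}
    for reservation in response.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            ips = {}
            for assoc in _associations(inst):
                if assoc.get("PublicIp"):
                    # Assumption: owner "amazon" marks an auto-assigned address,
                    # any other owner (an account ID) marks an Elastic IP.
                    auto = assoc.get("IpOwnerId") == "amazon"
                    ips[assoc["PublicIp"]] = "auto-assigned" if auto else "elastic-ip"
            top = inst.get("PublicIpAddress")
            if top and top not in ips:
                ips[top] = "unclassified"  # reported only at instance level
            if ips:
                findings[inst["InstanceId"]] = ips
    return findings


if __name__ == "__main__":
    for instance_id, ips in find_public_instances(SAMPLE).items():
        print(instance_id, ips)
```

Running the same check on output captured after the configuration change covers the verification step: an empty result means no instance in that response still has a public IP.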
Notes: