AWS Terminate Shutdown Behavior
Description
Detects EC2 instances that are configured to automatically terminate when a shutdown is initiated. This configuration can lead to accidental instance termination and data loss since the instance and its data will be permanently deleted instead of being stopped and preserved for future use.
Detection Strategy
• Checks if the EC2 instance is part of an Auto Scaling group - if it is, no vulnerability is reported
• For standalone EC2 instances, examines the instanceInitiatedShutdownBehavior attribute
• Reports a vulnerability if the shutdown behavior is set to 'terminate' instead of 'stop'
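The three steps above as an added Python example, not the scanner's own implementation. It assumes Auto Scaling membership is read from the aws:autoscaling:groupName tag that AWS sets on group-launched instances, and it runs on constructed records shaped like EC2 DescribeInstances and DescribeInstanceAttribute responses; the function names are hypothetical.

```python
# Added example: flag standalone EC2 instances that terminate on shutdown.
# Assumption: ASG membership is detected through the tag below.
ASG_TAG = "aws:autoscaling:groupName"


def in_auto_scaling_group(instance):
    """True if the instance carries the Auto Scaling group tag."""
    return any(t.get("Key") == ASG_TAG for t in instance.get("Tags", []))


def find_terminate_on_shutdown(reservations, get_shutdown_behavior):
    """Return IDs of standalone instances whose shutdown behavior is 'terminate'.

    reservations: the "Reservations" list of a DescribeInstances response.
    get_shutdown_behavior: callable(instance_id) returning a
        DescribeInstanceAttribute-shaped dict. With boto3 this would be
        lambda iid: ec2.describe_instance_attribute(
            InstanceId=iid, Attribute="instanceInitiatedShutdownBehavior")
    """
    findings = []
    for reservation in reservations:
        for instance in reservation.get("Instances", []):
            if in_auto_scaling_group(instance):
                continue  # step 1: ASG members are not reported
            attr = get_shutdown_behavior(instance["InstanceId"])  # step 2
            value = attr.get("InstanceInitiatedShutdownBehavior", {}).get("Value")
            if value == "terminate":  # step 3
                findings.append(instance["InstanceId"])
    return findings


# Constructed sample data (not real instances).
SAMPLE_RESERVATIONS = [{"Instances": [
    {"InstanceId": "i-0000000000000000a", "Tags": [{"Key": "Name", "Value": "db"}]},
    {"InstanceId": "i-0000000000000000b"},
    {"InstanceId": "i-0000000000000000c",
     "Tags": [{"Key": ASG_TAG, "Value": "web-asg"}]},
]}]
SAMPLE_BEHAVIOR = {
    "i-0000000000000000a": "terminate",  # standalone, terminate: reported
    "i-0000000000000000b": "stop",       # standalone, stop: fine
    "i-0000000000000000c": "terminate",  # ASG member: skipped
}


def sample_lookup(instance_id):
    """Stand-in for the DescribeInstanceAttribute call, using the sample data."""
    return {"InstanceInitiatedShutdownBehavior": {"Value": SAMPLE_BEHAVIOR[instance_id]}}


if __name__ == "__main__":
    print(find_terminate_on_shutdown(SAMPLE_RESERVATIONS, sample_lookup))
```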