Json Yaml Missing Iam Instance Profile
Description
Detects AWS EC2 instances defined in CloudFormation templates that do not have an IAM instance profile (role) attached. EC2 instances without IAM roles cannot securely access AWS services and may resort to less secure authentication methods like hardcoded credentials.
Detection Strategy
• Identifies CloudFormation resource definitions of type 'AWS::EC2::Instance'
• Checks if the EC2 instance resource has an IamInstanceProfile property configured
• Reports a vulnerability when an EC2 instance is found without an associated IAM instance profile
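The detection strategy above, implemented as an added example (not Fluid Attacks' own scanner code): it walks the Resources section of a parsed CloudFormation template, keeps only AWS::EC2::Instance resources, and reports those whose IamInstanceProfile is absent, null or empty. It assumes the template has already been loaded into a dict (the sample below is a constructed JSON template; a YAML template would need a loader that understands CloudFormation's !Ref-style tags).

```python
import json
from typing import Any, Dict, List

EC2_INSTANCE_TYPE = "AWS::EC2::Instance"


def find_instances_without_profile(template: Dict[str, Any]) -> List[str]:
    """Return logical IDs of AWS::EC2::Instance resources lacking an IamInstanceProfile."""
    findings: List[str] = []
    resources = template.get("Resources") or {}
    for logical_id, resource in resources.items():
        if not isinstance(resource, dict) or resource.get("Type") != EC2_INSTANCE_TYPE:
            continue  # Only EC2 instances are in scope for this check
        properties = resource.get("Properties")
        profile = properties.get("IamInstanceProfile") if isinstance(properties, dict) else None
        # Missing key, null, or empty string: no role is attached to the instance.
        # A string name or a {"Ref": ...} to an AWS::IAM::InstanceProfile both count as present.
        if profile in (None, ""):
            findings.append(logical_id)
    return findings


# Constructed sample template (JSON form), not taken from the page.
SAMPLE_TEMPLATE = json.loads("""
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Resources": {
    "NoRoleInstance": {
      "Type": "AWS::EC2::Instance",
      "Properties": {"ImageId": {"Ref": "ImageId"}, "InstanceType": "t2.micro"}
    },
    "EmptyProfileInstance": {
      "Type": "AWS::EC2::Instance",
      "Properties": {"ImageId": {"Ref": "ImageId"}, "IamInstanceProfile": ""}
    },
    "InstanceProfile": {
      "Type": "AWS::IAM::InstanceProfile",
      "Properties": {"Roles": [{"Ref": "InstanceRole"}]}
    },
    "GoodInstance": {
      "Type": "AWS::EC2::Instance",
      "Properties": {"ImageId": {"Ref": "ImageId"}, "IamInstanceProfile": {"Ref": "InstanceProfile"}}
    },
    "Bucket": {"Type": "AWS::S3::Bucket"}
  }
}
""")

if __name__ == "__main__":
    for logical_id in find_instances_without_profile(SAMPLE_TEMPLATE):
        print(f"{logical_id}: AWS::EC2::Instance without IamInstanceProfile")
```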
Vulnerable code example
Resources:
  MyInstance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-79fd7eee # Security: Hardcoded AMI ID is a vulnerability - should use parameter/dynamic reference
      InstanceType: t2.micro

✅ Secure code example
AWSTemplateFormatVersion: '2010-09-09'
Description: Secure EC2 Instance Template
Parameters:
  ImageId:
    Type: AWS::EC2::Image::Id # Security: Use parameter instead of hardcoded AMI
    Description: AMI ID for the EC2 instance
...