Insecure service configuration - EC2 | Fluid Attacks Database

Database

Description

Some EC2 instances have insecure configurations that an attacker can use to access or interrupt critical application processes

Impact

Compromise the security of one or several EC2 Instances

Recommendation

Perform a hardening process over all the EC2 instances, by following the recommended best practices

Threat

Internet attacker with access to the AWS console.

Expected Remediation Time

⏱️ 45 minutes.

Requirements

266 - Disable insecure functionalities

Rules

Aws Multiple Network Interfaces Aws Unencrypted Snapshots Aws Terminate Shutdown Behavior Aws Modify Instance Attribute Aws Unapproved Amis Aws Associate Public Ip Aws Using Imds V1 Aws Unused Key Pairs Aws Unencrypted Amis Aws Instances Without Iam Profile Aws Publicly Shared Amis Terraform Associate Public Ip Address True Terraform Missing Iam Instance Profile Json Yaml Misconfigured Public Ip Address Json Yaml Missing Iam Instance Profile

Fixes

Aws Cloudformation