Network misconfigurations

EC2 instance with public IPv4 address

Description

AWS EC2 instances can be assigned a public IP address, which allows them to connect with resources outside of the Virtual Private Cloud (VPC). It was found that the EC2 instance {AwsEc2Instance} has a public IPv4 address {AwsEc2Instance.PublicIpAddress}. Without extra security controls such as a Security Group or Access Control List, the instance could be publicly accessible and may be subject to attacks.

Recommended Mitigation

It is recommended to provide extra security measures that control access to the EC2 instance. Review the configurations and confirm that these controls are in place. It is also suggested to use private IP addresses for internal consumption, if possible. For more details, see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html#concepts-public-addresses
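One way to carry out the configuration review described above, as an added example that is not part of the original finding text: it lists every instance that has a public IPv4 address together with any security group ingress rule open to all addresses. The input is constructed sample data in the shape of the EC2 DescribeInstances and DescribeSecurityGroups responses; the instance IDs, group IDs and addresses are made up, and network ACLs are not evaluated.

```python
import ipaddress

# Constructed sample data in the shape of the EC2 DescribeInstances and
# DescribeSecurityGroups API responses (IDs and addresses are made up).
INSTANCES = {"Reservations": [{"Instances": [
    {"InstanceId": "i-0001", "PublicIpAddress": "203.0.113.10",
     "SecurityGroups": [{"GroupId": "sg-open"}]},
    {"InstanceId": "i-0002", "PublicIpAddress": "203.0.113.11",
     "SecurityGroups": [{"GroupId": "sg-office"}]},
    {"InstanceId": "i-0003", "SecurityGroups": [{"GroupId": "sg-open"}]},
]}]}
SECURITY_GROUPS = {"SecurityGroups": [
    {"GroupId": "sg-open", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-office", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "198.51.100.0/24"}], "Ipv6Ranges": []}]},
]}

def world_open_rules(group):
    """Return (protocol, from_port, to_port, cidr) for rules open to any address."""
    hits = []
    for perm in group.get("IpPermissions", []):
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                # IpProtocol "-1" means all protocols; ports are then absent.
                hits.append((perm["IpProtocol"], perm.get("FromPort"),
                             perm.get("ToPort"), cidr))
    return hits

def audit(instances, security_groups):
    """Map each public-IP instance to the world-open ingress rules that reach it."""
    groups = {g["GroupId"]: g for g in security_groups["SecurityGroups"]}
    findings = {}
    for reservation in instances["Reservations"]:
        for inst in reservation["Instances"]:
            if not inst.get("PublicIpAddress"):
                continue  # no public IPv4 address, outside this finding
            rules = []
            for ref in inst.get("SecurityGroups", []):
                rules += world_open_rules(groups.get(ref["GroupId"], {}))
            findings[inst["InstanceId"]] = rules
    return findings

if __name__ == "__main__":
    print(audit(INSTANCES, SECURITY_GROUPS))
```

An instance mapped to an empty list has a public address but no world-open security group rule; a non-empty list names the rules to tighten first.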