Suspicious activity

EC2 Role is used from non-AWS IP address range

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

An EC2 role was used from an IP that doesn’t fall within the whitelisted AWS IP range. The request could be coming in from a bot or a malicious actor trying to gain unauthorized access to your infrastructure.
  • Recommended Mitigation

    Ensure that IPs outside the AWS IP range aren’t allowed to access your AWS resources or make API calls.