Network misconfigurations

Ec2 Instance uses multiple ENIs

Platform(s)
Compliance Frameworks
  • AWS Foundational Security Best Practices Controls
  • ,
  • CCPA
  • ,
  • CPRA
  • ,
  • iso_27001_2022
  • ,
  • iso_27002_2022
  • ,
  • New Zealand Information Security Manual
  • ,
  • NIST 800-171
  • ,
  • NIST 800-190
  • ,
  • NIST 800-53
  • ,
  • PDPA
  • ,
  • UK Cyber Essentials

Description

Amazon EC2 Instance act as a virtual server in the cloud while Elastic Network Interfaces (ENI) represent a virtual network card in a VPC. It was detected that the EC2 instance {AwsEc2Instance} uses multiple ENIs. Using multiple ENIs adds network security complexity and can add unintended network paths and access. Read more about elastic network interface at: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html