Vendor services misconfigurations

Amazon EC2 instances launched using Auto Scaling group launch configurations should not have public IP addresses

Platform(s)
Compliance Frameworks
  • AWS Foundational Security Best Practices Controls
  • CPRA
  • iso_27001_2022
  • iso_27002_2022
  • Mitre ATT&CK
  • mpa
  • NIST 800-53

Description

An Auto Scaling group is a logical grouping of instances for automatic scaling and management. Amazon EC2 instances launched from an Auto Scaling group launch configuration should not have an associated public IP address, except in limited edge cases. These instances should be reachable only from behind a load balancer rather than being directly exposed to the internet. More information: https://docs.aws.amazon.com/securityhub/latest/userguide/autoscaling-controls.html#autoscaling-5
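One way to check for this condition offline, as an added example that is not part of the vendor's rule: the script audits JSON in the shape returned by `aws autoscaling describe-launch-configurations` and `aws autoscaling describe-auto-scaling-groups`, reading the `AssociatePublicIpAddress` field of each launch configuration that a group actually uses. The resource names are constructed, and the `REVIEW` verdict for an unset field (where the subnet's own setting decides) is an assumption of this example.

```python
import json

# Constructed sample data in the shape returned by
# `aws autoscaling describe-launch-configurations` and
# `aws autoscaling describe-auto-scaling-groups` (all names are made up).
LAUNCH_CONFIGS = json.loads("""
{"LaunchConfigurations": [
  {"LaunchConfigurationName": "web-lc-public",  "AssociatePublicIpAddress": true},
  {"LaunchConfigurationName": "web-lc-private", "AssociatePublicIpAddress": false},
  {"LaunchConfigurationName": "batch-lc-unset"},
  {"LaunchConfigurationName": "old-lc-unused",  "AssociatePublicIpAddress": true}
]}
""")
GROUPS = json.loads("""
{"AutoScalingGroups": [
  {"AutoScalingGroupName": "web-asg",   "LaunchConfigurationName": "web-lc-public"},
  {"AutoScalingGroupName": "api-asg",   "LaunchConfigurationName": "web-lc-private"},
  {"AutoScalingGroupName": "batch-asg", "LaunchConfigurationName": "batch-lc-unset"},
  {"AutoScalingGroupName": "lt-asg"}
]}
""")

def classify(lc):
    """Map one launch configuration to FAIL / PASS / REVIEW."""
    setting = lc.get("AssociatePublicIpAddress")
    if setting is True:
        return "FAIL"      # instances receive a public IPv4 address
    if setting is False:
        return "PASS"
    return "REVIEW"        # unset: the subnet's own setting decides

def audit(launch_configs, groups):
    """Return {group name: (launch configuration name, verdict)}."""
    by_name = {lc["LaunchConfigurationName"]: lc
               for lc in launch_configs["LaunchConfigurations"]}
    findings = {}
    for g in groups["AutoScalingGroups"]:
        lc_name = g.get("LaunchConfigurationName")
        if lc_name is None:
            continue       # group uses a launch template: out of scope here
        lc = by_name.get(lc_name)
        findings[g["AutoScalingGroupName"]] = (
            lc_name, classify(lc) if lc else "REVIEW")
    return findings

if __name__ == "__main__":
    for group, (lc_name, verdict) in sorted(audit(LAUNCH_CONFIGS, GROUPS).items()):
        print(f"{verdict:6} {group} -> {lc_name}")
```

Launch configurations that no group references, such as `old-lc-unused` in the sample, do not appear in the result because the audit is keyed on Auto Scaling groups.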