Risk Level: Low
Cloud Entity: Amazon EC2 Instance
CloudGuard Rule ID: D9.AWS.IAM.54
Instance should not have profileArn isEmpty()
Step 1 is to create a new role:
- Navigate to the AWS console IAM dashboard.
- In the navigation pane, select Roles, Create new role.
- Under 'Select the service that will use this role' select EC2, then 'Next:Permissions.'
- On the Attach permissions policies page, select an AWS managed policy that grants your instance access to the resources that it needs, then 'Next:Tags.'
- Add tags (optional), then select 'Next:Review.'
- On the Create role and Review page, type a name for the role and select Create role.
Note: The following steps are used to attach or replace the IAM role for EC2 instances:
- Navigate to the AWS console EC2 dashboard.
- Select Running Instances.
- Select the instance you want to modify.
- Click the Security tab and check that an instance role is listed there. Use Attach/Replace IAM Role if one is needed.
- On the Attach/Replace IAM Role page, under the IAM role pull-down menu, select the role created in the IAM steps above.
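To confirm the remediation, the rule's condition (an empty `profileArn`) can be checked offline against the JSON that `aws ec2 describe-instances` returns. This is an added example, not CloudGuard's own code: the sample response, instance IDs, account ID and profile name are constructed, and skipping terminated instances is an assumption of this example rather than documented rule behaviour.

```python
import json

# Constructed sample in the shape returned by `aws ec2 describe-instances`
# (instance IDs, account ID and profile name are made up for illustration).
SAMPLE_RESPONSE = json.loads("""
{
  "Reservations": [
    {"Instances": [
      {"InstanceId": "i-0aaa1111bbbb2222c",
       "State": {"Name": "running"},
       "IamInstanceProfile": {
         "Arn": "arn:aws:iam::111122223333:instance-profile/example-app-profile",
         "Id": "AIPAEXAMPLEEXAMPLE"}},
      {"InstanceId": "i-0ddd3333eeee4444f",
       "State": {"Name": "running"}}
    ]},
    {"Instances": [
      {"InstanceId": "i-0999888877776666a",
       "State": {"Name": "stopped"},
       "IamInstanceProfile": {"Arn": "", "Id": ""}},
      {"InstanceId": "i-0123456789abcdef0",
       "State": {"Name": "terminated"}}
    ]}
  ]
}
""")


def instances_without_profile(response, skip_states=("terminated", "shutting-down")):
    """Return IDs of instances whose instance profile ARN is missing or empty."""
    findings = []
    for reservation in response.get("Reservations", []):
        for instance in reservation.get("Instances", []):
            state = instance.get("State", {}).get("Name", "")
            if state in skip_states:
                continue  # assumption: instances being removed need no remediation
            # The IamInstanceProfile key is absent when no profile is associated.
            arn = (instance.get("IamInstanceProfile") or {}).get("Arn", "")
            if not arn.strip():
                findings.append(instance["InstanceId"])
    return findings


if __name__ == "__main__":
    for instance_id in instances_without_profile(SAMPLE_RESPONSE):
        print(f"FAIL {instance_id}: no IAM instance profile attached")
```

Stopped instances are reported as well, since they come back up without a role unless one is attached first.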
Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers.
- AWS CIS Foundations v. 1.1.0
- AWS CIS Foundations v. 1.2.0
- AWS CIS Foundations v. 1.3.0
- AWS CIS Foundations v. 1.4.0
- AWS CIS Foundations v. 1.5.0
- AWS CloudGuard Best Practices
- AWS CloudGuard SOC2 based on AICPA TSC 2017
- AWS CloudGuard Well Architected Framework
- AWS HITRUST
- AWS HITRUST v11.0.0
- AWS ITSG-33
- AWS MAS TRM Framework
- AWS MITRE ATT&CK Framework v10
- AWS NIST 800-53 Rev 5
Updated 6 months ago