Protecting EC2 instances on AWS – Basic EC2 Security
https://awssecurityarchitect.com/ec2-security/protecting-ec2-instances-on-aws-basic-ec2-security/
AWS Security Architect, Sat, 24 Sep 2022 16:25:55 +0000

Also read – No Ingress EC2 Instances

Here are a couple of simple, yet often ignored, best practices around EC2 instance access.

Access to EC2 instances via Systems Manager Only (Management Access)

  • EC2 instances should be managed via Systems Manager (SSM).
  • Create EC2 instances with no ingress and with SSM enabled.
  • This saves the whole headache of whitelisting the IP addresses allowed to manage EC2 instances.

No Public IP on EC2 Instances (Public/End User Access)

EC2 instances that need to be public facing should be fronted by a load balancer. The load balancer should expose the public IP, instead of the EC2 instance.
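
One way to check an account against both practices, as an added example that is not code from the original post. The sample data is constructed and shaped like the responses of EC2 DescribeInstances, EC2 DescribeSecurityGroups and SSM DescribeInstanceInformation; the instance IDs, group IDs and finding labels are assumptions made for illustration.

```python
"""Audit EC2 inventory for public IPs, ingress rules and SSM management."""

# Constructed sample data (not from a real account), shaped like the AWS
# API responses named in the lead-in.
INSTANCES = {"Reservations": [{"Instances": [
    {"InstanceId": "i-0aaa", "SecurityGroups": [{"GroupId": "sg-noingress"}]},
    {"InstanceId": "i-0bbb", "PublicIpAddress": "203.0.113.10",
     "SecurityGroups": [{"GroupId": "sg-ssh"}]},
    {"InstanceId": "i-0ccc", "SecurityGroups": [{"GroupId": "sg-noingress"}]},
]}]}
SECURITY_GROUPS = {"SecurityGroups": [
    {"GroupId": "sg-noingress", "IpPermissions": []},
    {"GroupId": "sg-ssh", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]}
SSM_INFO = {"InstanceInformationList": [
    {"InstanceId": "i-0aaa", "PingStatus": "Online"},
    {"InstanceId": "i-0bbb", "PingStatus": "Online"},
]}


def audit(instances, security_groups, ssm_info):
    """Return {instance_id: [findings]} for instances that break a practice."""
    # IpPermissions holds a group's ingress rules; an empty list means no ingress.
    ingress = {g["GroupId"]: g.get("IpPermissions", [])
               for g in security_groups["SecurityGroups"]}
    # Only instances whose SSM agent is currently reporting count as managed.
    managed = {i["InstanceId"] for i in ssm_info["InstanceInformationList"]
               if i.get("PingStatus") == "Online"}
    report = {}
    for reservation in instances["Reservations"]:
        for inst in reservation["Instances"]:
            findings = []
            if inst.get("PublicIpAddress"):
                findings.append("public-ip")
            for sg in inst.get("SecurityGroups", []):
                # A group missing from the lookup is treated as having ingress.
                if ingress.get(sg["GroupId"], [{}]):
                    findings.append("ingress:" + sg["GroupId"])
            if inst["InstanceId"] not in managed:
                findings.append("not-ssm-managed")
            if findings:
                report[inst["InstanceId"]] = findings
    return report


if __name__ == "__main__":
    for instance_id, findings in audit(INSTANCES, SECURITY_GROUPS, SSM_INFO).items():
        print(instance_id, ", ".join(findings))
```

Instances that sit behind a load balancer need an ingress rule for the load balancer's traffic, so they will appear with an ingress finding and should be reviewed rather than treated as violations.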

Summary

IaaS-based compute is the most used service alongside storage. Protecting management-level access as well as public access to these instances is key to ensuring a secure AWS environment.

For an advanced security consultation, please Contact AWS Security Architect
