Skip to content

Commit

Permalink
fix type
Browse files Browse the repository at this point in the history
  • Loading branch information
aquamatthias committed Jun 5, 2024
1 parent 48592f8 commit df9bd9e
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion fixcompliance/data/checks/aws/aws_ec2.json
Original file line number Diff line number Diff line change
Expand Up @@ -1188,7 +1188,7 @@
"risk": "Assigning public IP addresses to EC2 instances in Auto-Scaling groups increases the risk of unintended exposure to the internet, making them potential targets for cyber-attacks. This configuration can lead to vulnerabilities if the security groups and network access controls are not strictly managed.",
"severity": "medium",
"detect": {
"fix": "is(aws_ec2_launch_template) and launch_template_data.network_interfaces[*].associate_public_ip_address==True"
"fix": "is(aws_ec2_launch_template) and launch_template_data.network_interfaces[*].associate_public_ip_address==true"
},
"remediation": {
"text": "To mitigate this risk, ensure that the Auto Scaling launch configurations are set with --no-associate-public-ip-address when created. For existing configurations, create a new launch configuration with this setting and update the Auto Scaling group to use the new configuration. This change will prevent instances from being directly accessible from the internet, reducing the attack surface.",
Expand Down

0 comments on commit df9bd9e

Please sign in to comment.