From df9bd9ed3b721b8520b2b36c6c844cf8fef265f1 Mon Sep 17 00:00:00 2001 From: Matthias Veit Date: Wed, 5 Jun 2024 17:49:55 +0200 Subject: [PATCH] fix type --- fixcompliance/data/checks/aws/aws_ec2.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fixcompliance/data/checks/aws/aws_ec2.json b/fixcompliance/data/checks/aws/aws_ec2.json index 85ee598..14ead28 100644 --- a/fixcompliance/data/checks/aws/aws_ec2.json +++ b/fixcompliance/data/checks/aws/aws_ec2.json @@ -1188,7 +1188,7 @@ "risk": "Assigning public IP addresses to EC2 instances in Auto-Scaling groups increases the risk of unintended exposure to the internet, making them potential targets for cyber-attacks. This configuration can lead to vulnerabilities if the security groups and network access controls are not strictly managed.", "severity": "medium", "detect": { - "fix": "is(aws_ec2_launch_template) and launch_template_data.network_interfaces[*].associate_public_ip_address==True" + "fix": "is(aws_ec2_launch_template) and launch_template_data.network_interfaces[*].associate_public_ip_address==true" }, "remediation": { "text": "To mitigate this risk, ensure that the Auto Scaling launch configurations are set with --no-associate-public-ip-address when created. For existing configurations, create a new launch configuration with this setting and update the Auto Scaling group to use the new configuration. This change will prevent instances from being directly accessible from the internet, reducing the attack surface.",