Launch configuration should not have a public IP address.
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | ec2 |
| Provider | AWS |
| Vulnerability Type | misconfiguration |
Description#
The launch configuration is set to assign a public IP address to instances, making them directly accessible from the internet. This exposes the instances to unnecessary external access and increases the attack surface.
Impact#
Publicly accessible instances can be targeted by attackers for unauthorized access, data breaches, or exploitation of vulnerabilities. This exposure increases the risk of compromise, lateral movement within the network, and potential loss of sensitive data or service disruptions.
Resolution#
Set the instance to not be publicly accessible