Instances outside of Europe region

This rule identifies all AWS EC2 instances that are running outside the Europe regions.

Risk Level: Low
Cloud Entity: Amazon EC2 Instance
CloudGuard Rule ID: D9.AWS.AS.01
Covered by Spectral: No
Category: Compute

GSL LOGIC

Instance should have region like 'eu_%'

REMEDIATION

From Portal
To choose a Region for new instances:

  1. Sign in to the AWS Management Console.
  2. Choose EC2 service.
  3. In the navigation bar, choose the name of the currently displayed Region. Then choose the Region to which you want to switch.

Note: The region of an existing EC2 instance cannot be changed. However, you can create an Amazon Machine Image (AMI) from the instance, copy it to the desired region, and then launch a new instance in that region from the copied AMI. The steps are as follows:

  1. Log in to the AWS Management Console.
  2. Switch to the region where your instance was launched.
  3. Select your instance and then select the Create Image option in the Actions menu.
  4. Specify the name for the new image and then click the Create Image button.
  5. From the AMIs menu in the navigation panel, select the new image and select the Copy AMI option in the Actions menu.
  6. Specify the new region in the resulting dialog window and click the Copy AMI button.

You will now be able to launch a new instance with the image in the new region. Follow the steps below:

  1. In the top menu of the EC2 dashboard, select the region where you have copied the AMI. You will see the list of the available AMIs for that region.
  2. Select the image you have copied from the list and click Actions - Launch.
  3. Choose the instance type and click Review and Launch to finish the process.

Note: This rule applies to EU data protection compliance. The GSL above identifies the region of each instance, so administrators can verify which instances are outside the EU region and take the necessary actions.
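
The same check can be run against exported inventory. The following is an added example, not CloudGuard's own code: it applies the 'eu_%' pattern to constructed data shaped like `aws ec2 describe-instances` output. The underscore region form, treating '%' as the only wildcard, and skipping terminated instances are assumptions of this example.

```python
import json
import re

# Constructed sample shaped like merged `aws ec2 describe-instances` output.
SAMPLE = json.loads("""
{"Reservations": [
 {"Instances": [
  {"InstanceId": "i-0aaa0000000000001", "State": {"Name": "running"},
   "Placement": {"AvailabilityZone": "eu-west-1a"}},
  {"InstanceId": "i-0aaa0000000000002", "State": {"Name": "stopped"},
   "Placement": {"AvailabilityZone": "us-east-1c"}}]},
 {"Instances": [
  {"InstanceId": "i-0aaa0000000000003", "State": {"Name": "running"},
   "Placement": {"AvailabilityZone": "ap-southeast-2b"}},
  {"InstanceId": "i-0aaa0000000000004", "State": {"Name": "terminated"},
   "Placement": {"AvailabilityZone": "us-west-2a"}},
  {"InstanceId": "i-0aaa0000000000005", "State": {"Name": "running"},
   "Placement": {"AvailabilityZone": "eu-central-1b"}}]}]}
""")

def like(value, pattern):
    """Pattern match in the style of GSL `like` (assumption: '%' is the only wildcard)."""
    regex = ".*".join(re.escape(part) for part in pattern.split("%"))
    return re.fullmatch(regex, value, re.IGNORECASE) is not None

def region_of(az):
    """Availability Zone -> underscore region name, e.g. eu-west-1a -> eu_west_1."""
    m = re.match(r"[a-z]{2}(?:-[a-z]+)+-\d+", az)
    if m is None:
        raise ValueError(f"unrecognised Availability Zone: {az!r}")
    return m.group(0).replace("-", "_")

def non_compliant(describe_output, pattern="eu_%"):
    """Return (instance id, region, state) for instances failing the rule."""
    findings = []
    for reservation in describe_output.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            state = inst["State"]["Name"]
            if state == "terminated":  # assumption: already-deleted instances are ignored
                continue
            region = region_of(inst["Placement"]["AvailabilityZone"])
            if not like(region, pattern):
                findings.append((inst["InstanceId"], region, state))
    return sorted(findings)

if __name__ == "__main__":
    for finding in non_compliant(SAMPLE):
        print(*finding)
```

Stopped instances are reported as well, since their attached volumes remain in the region while the instance is stopped.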

References

  1. AWS Regions documentation: https://docs.aws.amazon.com/general/latest/gr/rande.html
  2. https://docs.aws.amazon.com/awsconsolehelpdocs/latest/gsg/select-region.html

Amazon EC2 Instance

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers.

Compliance Frameworks

  • AWS GDPR Readiness
  • CloudGuard AWS All Rules Ruleset