Risk Level: Medium
Cloud Entity: Amazon EC2 Instance
CloudGuard Rule ID: D9.AWS.NET.12
Covered by Spectral: No
Category: Compute

GSL LOGIC

Instance should have vpc

REMEDIATION

From Portal
Step 1: Identify EC2-Classic instances

Choose Instances in the navigation pane.
In the VPC ID column, the value for each EC2-Classic instance is blank or a - symbol. If the VPC ID column is not present, choose the gear icon and make the column visible.

Step 2: Create an AMI
After you've identified your EC2-Classic instance, you can create an AMI from it. Follow these links to create AMI: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html or https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/Creating_EBSbacked_WinAMI.html

Step 3: Launch an instance into your VPC
After you've created an AMI, you can use the Amazon EC2 launch instance wizard to launch an instance into your VPC. The instance will have the same data and configurations as your existing EC2-Classic instance.

Follow the procedure to launch an instance.
Under Application and OS Images (Amazon Machine Image), choose My AMIs, ensure that Owned by me is selected, and select the AMI that you created. Alternatively, if you shared an AMI from another account, choose Shared with me, and select the AMI that you shared from your EC2-Classic account.
Under Network settings, choose Edit (on the right), and do the following:
For VPC, select your VPC.
For Subnet, select the required subnet.
For Security group name, select the security group that you created for your VPC.
Configure any other details that you require, such as the instance type and key pair. For information about the fields in the launch instance wizard, see Launch an instance using defined parameters.
In the Summary panel, review your instance configuration, and then choose Launch instance.

From Command Line
Use the following describe-instances command to identify your EC2-Classic instances. The --query parameter displays only instances where the value for VpcId is null.

aws ec2 describe-instances --query 'Reservations[*].Instances[?VpcId==`null`]'

References

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html
https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/Creating_EBSbacked_WinAMI.html
https://aws.amazon.com/premiumsupport/knowledge-center/ssm-migrate-ec2classic-vpc/
https://docs.aws.amazon.com/systems-manager-automation-runbooks/latest/userguide/automation-awssupport-migrate-ec2-classic-to-vpc.html
https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/describe-instances.html

Amazon EC2 Instance

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers.

Compliance Frameworks

AWS CSA CCM v.3.0.1
AWS CloudGuard Best Practices
AWS CloudGuard CheckUp
AWS CloudGuard Network Alerts for default VPC components
AWS CloudGuard SOC2 based on AICPA TSC 2017
AWS CloudGuard Well Architected Framework
AWS HITRUST
AWS HITRUST v11.0.0
AWS ISO 27001:2013
AWS ISO27001:2022
AWS ITSG-33
AWS LGPD regulation
AWS MAS TRM Framework
AWS MITRE ATT&CK Framework v10
AWS MITRE ATT&CK Framework v11.3
AWS NIST 800-171
AWS NIST 800-53 Rev 4
AWS NIST 800-53 Rev 5
AWS NIST CSF v1.1
AWS PCI-DSS 3.2
AWS Security Risk Management
CloudGuard AWS All Rules Ruleset
CloudGuard AWS Dashboards