i-0362782bc36ed6a41
Region: us-west-2
Overview
Critical
1High
0Medium
1Low
1Informational
0Security issues (3)
Severity | Non-Compliance | Issue | Remediation | Read more | Action |
---|---|---|---|---|---|
Medium | — | EC2 Instance uses public IP address. | If you do not need your EC2 instance to be reachable from the Internet, remove the public IP address from it. | More info | |
Low | — | No IAM role was found. | Attach an IAM role to EC2 instance to allow your applications to securely make API requests without requiring you to manage the security credentials that the applications use. | More info | |
Critical | — | Insecure Instance Meta Data Service (IMDSv1) was found. | IMDSv1 can be exploited by SSRF or XML XXE attacks, as it happened in Capital One data breach, impacting 106M people. Transition to IMDSv2. | More info |