There are multiple aspects and factors that can impact the security posture of your Amazon EC2 instances. In order to ensure that they are not under any malicious security threat, it is, therefore, important to imbibe certain security best practices for Elastic Compute Cloud service.
Why Amazon EC2 instances should have termination protection enabled?
With hundreds of instances running in your infrastructure, it is quite possible that you can by-mistake delete an EC2 instance which was not supposed to be terminated. What if that instance was handling your important workloads? This could lead to a major stagnation in your cloud operations since you will have to start the entire process from scratch.
Enabling termination protection prevents these accidental deletions of EC2 instances. Termination protection, if enabled does not allow the user to delete the instance. If the user wants to delete an instance, it can be done only when termination protection for that particular instance is disabled. In this way, there remains no scope of accidental deletion of EC2 instances. It is recommended to make sure that termination protection is enabled for your Amazon EC2 instances.
How you can leverage Centilytics to ensure the same?
Centilytics provides a security check which gives warnings to the user if an AWS EC2 instance with disabled termination protection is detected.
There can be two possible scenarios:
|Warning||This indication will be displayed when termination protection is disabled for your corresponding EC2 instance.|
Description of further columns are as follows:
- Account Id: This column shows the respective account ID of the user.
- Account Name: This column shows the corresponding account name.
- Region: This column shows the region in which the resource exists.
- Identifier: This column shows the unique instance id of your EC2 instance.
- Resource Name: This column shows the name of your EC2 instance.
|Account Id||Applying the account Id filter will display data for the selected account Id.|
|Region||Applying the region filter will display data corresponding to the selected region|
|Severity||Applying severity filter will display public snapshots according to the selected severity type i.e. selecting critical will display all resources with critical severity. Same will be the case for Warning and Ok severity types.|
|Resource Tags||Applying resource tags filter will display those resources which have been assigned the selected resource tag. For e.g., A user has tagged some public snapshots by a resource tag named environment. Then selecting an environment from the resource tags filter will display all those resources tagged by the tag name environment.|
|Resource Tags Value||Applying resource tags value filter will display data which will have the selected resource tag value. For e.g. – Let’s say a user has tagged some resource by a tag named environment and has a value say production (environment: production). Hence, the user can view data of all the resources which have “environment:production” tag assigned. The user can use the tag value filter only when a tag name has been provided.|