Medium EC2 Regional

Amazon EC2 should be configured to use VPC endpoints that are created for the Amazon EC2 service

NIST, ISO 27001

Description

Checks whether Amazon EC2 instances are configured to use VPC endpoints for the Amazon EC2 service.


Remediation

To comply with this control, ensure that VPC endpoints for the Amazon EC2 service are created and configured correctly. VPC endpoints enable private connections between your VPC and AWS services, so traffic to the service does not traverse the public internet.

Steps

  1. Sign in to the AWS Management Console and open the VPC console at https://console.aws.amazon.com/vpc/.
  2. In the VPC console, click on 'Endpoints' in the left navigation pane.
  3. Click on the 'Create endpoint' button.
  4. In the 'Create Endpoint' dialog, select the service name for Amazon EC2.
  5. Choose the VPC where you want to create the endpoint.
  6. Select the subnets in your VPC where you want to create the endpoint.
  7. Optionally, enable the 'Private DNS Name' feature for the endpoint.
  8. Configure the security group to control the traffic to and from the endpoint.
  9. Click on the 'Create endpoint' button to create the VPC endpoint.
  10. After creating the endpoint, configure your EC2 instances or other AWS resources to use this endpoint for accessing the EC2 service.
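The steps above can be checked and applied programmatically. The following is an added example, not code from the original control page: it evaluates the EC2 DescribeVpcs and DescribeVpcEndpoints response shapes to list VPCs that have no usable interface endpoint for the EC2 service, and it builds the CreateVpcEndpoint request that mirrors steps 4 to 9. The sample VPCs, endpoint records, subnet and security group IDs are constructed for illustration; the live `audit_account` function assumes boto3 and AWS credentials and is not exercised offline.

```python
"""Check which VPCs lack an interface endpoint for the EC2 API and build
the request that remediates a non-compliant VPC.

Added example, not part of the original control page. Response shapes
follow the EC2 DescribeVpcs / DescribeVpcEndpoints APIs; all sample data
below is constructed.
"""
from typing import Dict, Iterable, List

# An interface endpoint for the EC2 API is addressed by this service name.
EC2_SERVICE_TEMPLATE = "com.amazonaws.{region}.ec2"

# Constructed sample of ec2.describe_vpcs()["Vpcs"]
SAMPLE_VPCS = [
    {"VpcId": "vpc-0aaa111", "CidrBlock": "10.0.0.0/16"},
    {"VpcId": "vpc-0bbb222", "CidrBlock": "10.1.0.0/16"},
    {"VpcId": "vpc-0ccc333", "CidrBlock": "10.2.0.0/16"},
]

# Constructed sample of ec2.describe_vpc_endpoints()["VpcEndpoints"]
SAMPLE_ENDPOINTS = [
    {   # compliant: available interface endpoint for the EC2 service
        "VpcEndpointId": "vpce-0111", "VpcId": "vpc-0aaa111",
        "VpcEndpointType": "Interface", "State": "available",
        "ServiceName": "com.amazonaws.us-east-1.ec2", "PrivateDnsEnabled": True,
    },
    {   # wrong service: an S3 gateway endpoint does not satisfy this control
        "VpcEndpointId": "vpce-0222", "VpcId": "vpc-0bbb222",
        "VpcEndpointType": "Gateway", "State": "available",
        "ServiceName": "com.amazonaws.us-east-1.s3", "PrivateDnsEnabled": False,
    },
    {   # right service but still pending: instances cannot use it yet
        "VpcEndpointId": "vpce-0333", "VpcId": "vpc-0ccc333",
        "VpcEndpointType": "Interface", "State": "pending",
        "ServiceName": "com.amazonaws.us-east-1.ec2", "PrivateDnsEnabled": True,
    },
]


def ec2_service_name(region: str) -> str:
    """Service name of the EC2 API endpoint in the given region."""
    return EC2_SERVICE_TEMPLATE.format(region=region)


def vpcs_with_ec2_endpoint(endpoints: Iterable[Dict], region: str) -> Dict[str, str]:
    """Map VpcId -> VpcEndpointId for every usable EC2 interface endpoint.

    Only an Interface endpoint for the EC2 service in state 'available'
    counts; gateway endpoints and pending/failed ones are ignored.
    """
    wanted = ec2_service_name(region)
    return {
        ep["VpcId"]: ep["VpcEndpointId"]
        for ep in endpoints
        if ep.get("VpcEndpointType") == "Interface"
        and ep.get("ServiceName") == wanted
        and ep.get("State") == "available"
    }


def non_compliant_vpcs(vpcs: Iterable[Dict], endpoints: Iterable[Dict], region: str) -> List[str]:
    """Return the sorted VpcIds that have no usable EC2 interface endpoint."""
    covered = vpcs_with_ec2_endpoint(endpoints, region)
    return sorted(v["VpcId"] for v in vpcs if v["VpcId"] not in covered)


def build_create_endpoint_request(region: str, vpc_id: str, subnet_ids: List[str],
                                  security_group_ids: List[str],
                                  private_dns: bool = True) -> Dict:
    """Keyword arguments for ec2.create_vpc_endpoint(**request), mirroring
    steps 4-9: service name, VPC, subnets, private DNS, security groups."""
    if not subnet_ids or not security_group_ids:
        raise ValueError("an interface endpoint needs at least one subnet and one security group")
    return {
        "VpcEndpointType": "Interface",
        "VpcId": vpc_id,
        "ServiceName": ec2_service_name(region),
        "SubnetIds": list(subnet_ids),
        "SecurityGroupIds": list(security_group_ids),
        "PrivateDnsEnabled": private_dns,
    }


def audit_account(region: str) -> List[str]:
    """Live check against one region. Assumes boto3 and AWS credentials;
    imported lazily so the rest of the module runs offline."""
    import boto3
    ec2 = boto3.client("ec2", region_name=region)
    vpcs = ec2.describe_vpcs()["Vpcs"]
    endpoints: List[Dict] = []
    for page in ec2.get_paginator("describe_vpc_endpoints").paginate():
        endpoints.extend(page["VpcEndpoints"])
    return non_compliant_vpcs(vpcs, endpoints, region)


if __name__ == "__main__":
    for vpc_id in non_compliant_vpcs(SAMPLE_VPCS, SAMPLE_ENDPOINTS, "us-east-1"):
        req = build_create_endpoint_request("us-east-1", vpc_id,
                                            ["subnet-0example1"], ["sg-0example1"])
        print(f"{vpc_id}: no EC2 interface endpoint; would create {req['ServiceName']}")
```

The security group passed in step 8 must allow inbound TCP 443 from the instances that will call the EC2 API through the endpoint, otherwise the endpoint exists but the API calls still fail; with private DNS enabled, the regional EC2 API hostname resolves to the endpoint's private IP addresses inside the VPC, so instances need no configuration change beyond that.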

Compliance

NIST, ISO 27001