Severity: High | Service: EC2 | Scope: Regional

EC2 instances should not have a public IPv4 address

NIST

Description

Checks whether Amazon EC2 instances have a public IPv4 address.
Remediation

To comply with this control, ensure that Amazon EC2 instances do not have a public IPv4 address. Modify the instance settings or network configuration as needed.

Steps

  1. Sign in to the AWS Management Console and open the EC2 console at https://console.aws.amazon.com/ec2/.
  2. In the EC2 console, click on 'Instances' in the left navigation pane.
  3. Select the instance you want to modify.
  4. In the 'Description' tab, check if the instance has a public IPv4 address.
  5. If the instance has a public IPv4 address, click on 'Actions', then 'Networking', and select 'Change Security Groups'.
  6. Associate the instance with a security group that does not allow public internet access.
  7. Alternatively, modify the instance's subnet or VPC settings to remove public internet access.
  8. Apply the changes and verify that the instance no longer has a public IPv4 address.
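A scripted version of the check behind this control, added here as an example and not part of the control's own text: it runs over the data shape returned by EC2 DescribeInstances and DescribeSubnets (the shape boto3's describe_instances() and describe_subnets() return), so the constructed sample below can be swapped for live output to find every instance that still carries a public IPv4 address before and after the steps above. It also flags the case the console 'Description' tab hides, a public address on a secondary network interface, and whether the subnet would hand a replacement instance a public IP again.

```python
"""Flag EC2 instances that carry a public IPv4 address (assumed data shape: DescribeInstances/DescribeSubnets)."""


def public_ipv4_findings(reservations, subnets):
    """Return one finding per instance with a public IPv4 address.

    Counts the instance-level PublicIpAddress (primary ENI only) and any
    Elastic or auto-assigned address on every attached network interface.
    """
    auto_assign = {s["SubnetId"]: s.get("MapPublicIpOnLaunch", False) for s in subnets}
    findings = []
    for reservation in reservations:
        for inst in reservation.get("Instances", []):
            addrs = set()
            if inst.get("PublicIpAddress"):
                addrs.add(inst["PublicIpAddress"])
            for eni in inst.get("NetworkInterfaces", []):
                public_ip = eni.get("Association", {}).get("PublicIp")
                if public_ip:
                    addrs.add(public_ip)
            if not addrs:
                continue
            subnet_id = inst.get("SubnetId")
            findings.append({
                "InstanceId": inst["InstanceId"],
                "PublicIps": sorted(addrs),
                "SubnetId": subnet_id,
                # True means the subnet auto-assigns a public IP at launch, so a
                # rebuilt instance would drift out of compliance again.
                "SubnetAutoAssignsPublicIp": auto_assign.get(subnet_id, False),
            })
    return findings


# Constructed sample data (not real AWS output). Addresses use documentation
# ranges. i-0ccc has no instance-level PublicIpAddress but an Elastic IP on a
# secondary interface, which the instance-level field alone would miss.
SAMPLE_RESERVATIONS = [{"Instances": [
    {"InstanceId": "i-0aaa", "SubnetId": "subnet-pub", "PublicIpAddress": "203.0.113.10",
     "NetworkInterfaces": [{"Association": {"PublicIp": "203.0.113.10"}}]},
    {"InstanceId": "i-0bbb", "SubnetId": "subnet-priv", "PrivateIpAddress": "10.0.2.5",
     "NetworkInterfaces": [{}]},
    {"InstanceId": "i-0ccc", "SubnetId": "subnet-priv",
     "NetworkInterfaces": [{}, {"Association": {"PublicIp": "198.51.100.7"}}]},
]}]
SAMPLE_SUBNETS = [{"SubnetId": "subnet-pub", "MapPublicIpOnLaunch": True},
                  {"SubnetId": "subnet-priv", "MapPublicIpOnLaunch": False}]

if __name__ == "__main__":
    for finding in public_ipv4_findings(SAMPLE_RESERVATIONS, SAMPLE_SUBNETS):
        print(finding)
```

An empty result from the same function on live output is the pass condition for this control in a given region.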

Compliance

NIST