EC2 instance without VPC

ID

aws_ec2_without_vpc

Severity

low

Vendor

AWS

Resource

Network

Tags

reachable

Description

EC2 instances should be configured under a VPC network. AWS VPCs provide the controls to facilitate a formal process for approving and testing all network connections and changes to the firewall and router configurations.

To fix it, set the vpc_subnet_id property on the amazon.aws.ec2_instance task.

Learn more about this topic at AWS EC2.

Examples

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: instance
      amazon.aws.ec2_instance:
        name: "public-compute-instance"
        key_name: "prod-ssh-key"
        instance_type: c5.large
        security_group: default
        network:
          assign_public_ip: true
        image_id: ami-123456
        tags:
          Environment: Testing

Mitigation / Fix

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: instance
      amazon.aws.ec2_instance:
        name: "public-compute-instance"
        key_name: "prod-ssh-key"
        vpc_subnet_id: subnet-5ca1ab1e
        instance_type: c5.large
        security_group: default
        network:
          assign_public_ip: true
        image_id: ami-123456
        tags:
          Environment: Testing
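
The check this rule describes can be sketched as a small scanner over a parsed playbook. This is an added example, not the scanner's own implementation; the short and legacy module names, the subnet_id alias, and every function and constant name are assumptions made for illustration.

```python
# Added example: flag Ansible ec2_instance tasks that set no VPC subnet.
# Module short/legacy names and the subnet_id alias are assumptions.
EC2_MODULES = {"amazon.aws.ec2_instance", "community.aws.ec2_instance", "ec2_instance"}
SUBNET_KEYS = ("vpc_subnet_id", "subnet_id")
TASK_SECTIONS = ("pre_tasks", "tasks", "post_tasks", "handlers")

def iter_tasks(tasks):
    """Yield every task dict, descending into block/rescue/always."""
    for task in tasks or []:
        if isinstance(task, dict):
            yield task
            for nested in ("block", "rescue", "always"):
                yield from iter_tasks(task.get(nested))

def find_ec2_without_vpc(playbook):
    """Return (play name, task name) for each EC2 task with no subnet set."""
    findings = []
    for play in playbook or []:
        if not isinstance(play, dict):
            continue
        for section in TASK_SECTIONS:
            for task in iter_tasks(play.get(section)):
                for module in sorted(EC2_MODULES & task.keys()):
                    args = task[module] if isinstance(task[module], dict) else {}
                    # Missing, null and empty values all count as "not set".
                    if not any(args.get(key) for key in SUBNET_KEYS):
                        findings.append((play.get("name"), task.get("name")))
    return findings

def load_playbook(path):
    """Parse a playbook file; needs PyYAML, imported only when called."""
    import yaml
    with open(path, encoding="utf-8") as handle:
        return yaml.safe_load(handle)

# Constructed sample, modelled on the two playbooks shown on this page.
BASE = {"name": "public-compute-instance", "instance_type": "c5.large",
        "image_id": "ami-123456", "network": {"assign_public_ip": True}}
SAMPLE_PLAYBOOK = [{"name": "Example playbook", "hosts": "localhost", "tasks": [
    {"name": "no subnet", "amazon.aws.ec2_instance": dict(BASE)},
    {"name": "in subnet",
     "amazon.aws.ec2_instance": dict(BASE, vpc_subnet_id="subnet-5ca1ab1e")},
    {"name": "wrapper", "block": [
        {"name": "empty subnet", "ec2_instance": dict(BASE, vpc_subnet_id="")}]},
]}]

if __name__ == "__main__":
    for play_name, task_name in find_ec2_without_vpc(SAMPLE_PLAYBOOK):
        print(f"aws_ec2_without_vpc: play={play_name!r} task={task_name!r}")
```

A templated value such as "{{ subnet }}" counts as set, so the value a variable resolves to still needs review at deploy time.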