v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Powerpipe Hub 
Hub
Mods
turbot/aws_compliance
Overview
32Dashboards
1295Controls
585Queries
4Variables
GitHub

Control: 2.5 Ensure no AWS EC2 Instances are older than 180 days

Description

Identify any running AWS EC2 instances older than 180 days.

An EC2 instance is not supposed to run indefinitely and having instance older than 180 days can increase the risk of problems and issues.

Remediation

From Console:

  1. Login to EC2 using https://console.aws.amazon.com/ec2/.
  2. On the left Click INSTANCES, click Instances.
  3. Select the EC2 instance identified above in the audit. The Instance State must be 'running'.
  4. Click Actions, click Instance State, click Stop.
  5. Wait for the Instance State to read 'stopped'.
  6. Click 'Actions' click 'Instance State', click 'Start'
  7. Select the Description tab.
  8. Check the Launch time.

Confirm that the instance active age is now set to today's date and time.

Usage

Run the control in your terminal:

powerpipe control run aws_compliance.control.cis_compute_service_v100_2_5

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_compliance.control.cis_compute_service_v100_2_5 --share

SQL

This control uses a named query:

ec2_instance_not_older_than_180_days

Tags

category = Compliance
cis = true
cis_item_id = 2.5
cis_level = 1
cis_section_id = 2
cis_type = manual
cis_version = v1.0.0
plugin = aws
service = AWS/EC2