EC2

  1. Home
  2. EC2

109

Resources

126

Total Findings

393

Rules Executed

56

Unique Rules

0

Exception

128.474s

Timespent

Summary

EC2 Instance Utilization

EC2 Instance Family Pricing

Filter

SGAllPortOpen

Security
Description
All Ports Open: 25 of security group has all ports open. It is recommended to open only specific ports that are required.
Resources
ap-northeast-1: SG::sg-0a9a9f1599f78e648
ap-northeast-2: SG::sg-0e2f6a031113c6c65
ap-northeast-3: SG::sg-0f1c015386fdeaef2
ap-south-1: SG::sg-0ce181aa24e2327a0
ap-southeast-1: SG::sg-0c82e152ce9347073 | SG::sg-0442088071f74e66b
ap-southeast-2: SG::sg-06a87caeacb9bdc1c
ap-southeast-3: SG::sg-09c69789992976af0 | SG::sg-07d450b94849d4deb
ap-southeast-5: SG::sg-0340a45e7f6dfdeef | SG::sg-0d56232f5bc4a6a0d | SG::sg-0cdece98aec7d1e6c
ca-central-1: SG::sg-0807269705e2a7bce
eu-central-1: SG::sg-061edeb40615f37d8
eu-north-1: SG::sg-0224dd542e0e0a188
eu-west-1: SG::sg-0ee2cf797712225c6
eu-west-2: SG::sg-0d712926de8d430e0
eu-west-3: SG::sg-0d057db4a24c667d8
sa-east-1: SG::sg-06a16f5c401b779ea
us-east-1: SG::sg-0f4d456d65b49cbcc | SG::sg-0562190d9d9c154da | SG::sg-0fe800a9602ab25ff
us-east-2: SG::sg-05b1211873efb1066
us-west-1: SG::sg-0ac2b6884d3c7f382
us-west-2: SG::sg-037dcb16366f739b8
Recommendation
Best practices for Amazon EC2

SGDefaultDisallowTraffic

Security
Description
Default Security Group with Rules: 24 of default security group have rules. Remove rules in default security group
Resources
ap-northeast-1: SG::sg-0a9a9f1599f78e648
ap-northeast-2: SG::sg-0e2f6a031113c6c65
ap-northeast-3: SG::sg-0f1c015386fdeaef2
ap-south-1: SG::sg-0ce181aa24e2327a0
ap-southeast-1: SG::sg-0c82e152ce9347073 | SG::sg-0442088071f74e66b
ap-southeast-2: SG::sg-06a87caeacb9bdc1c
ap-southeast-3: SG::sg-09c69789992976af0 | SG::sg-07d450b94849d4deb
ap-southeast-5: SG::sg-0340a45e7f6dfdeef | SG::sg-0cdece98aec7d1e6c
ca-central-1: SG::sg-0807269705e2a7bce
eu-central-1: SG::sg-061edeb40615f37d8
eu-north-1: SG::sg-0224dd542e0e0a188
eu-west-1: SG::sg-0ee2cf797712225c6
eu-west-2: SG::sg-0d712926de8d430e0
eu-west-3: SG::sg-0d057db4a24c667d8
sa-east-1: SG::sg-06a16f5c401b779ea
us-east-1: SG::sg-0f4d456d65b49cbcc | SG::sg-0562190d9d9c154da | SG::sg-0fe800a9602ab25ff
us-east-2: SG::sg-05b1211873efb1066
us-west-1: SG::sg-0ac2b6884d3c7f382
us-west-2: SG::sg-037dcb16366f739b8
Recommendation
VPC default security group rules

SGEncryptionInTransit

Security
Description
Encryption In Transit: 25 of security group has ports enabled without encryption in transit. It is recommended to use ports with encryption in transit
Resources
ap-northeast-1: SG::sg-0a9a9f1599f78e648
ap-northeast-2: SG::sg-0e2f6a031113c6c65
ap-northeast-3: SG::sg-0f1c015386fdeaef2
ap-south-1: SG::sg-0ce181aa24e2327a0
ap-southeast-1: SG::sg-0c82e152ce9347073 | SG::sg-0442088071f74e66b
ap-southeast-2: SG::sg-06a87caeacb9bdc1c
ap-southeast-3: SG::sg-09c69789992976af0 | SG::sg-07d450b94849d4deb
ap-southeast-5: SG::sg-0340a45e7f6dfdeef | SG::sg-0d56232f5bc4a6a0d | SG::sg-0cdece98aec7d1e6c
ca-central-1: SG::sg-0807269705e2a7bce
eu-central-1: SG::sg-061edeb40615f37d8
eu-north-1: SG::sg-0224dd542e0e0a188
eu-west-1: SG::sg-0ee2cf797712225c6
eu-west-2: SG::sg-0d712926de8d430e0
eu-west-3: SG::sg-0d057db4a24c667d8
sa-east-1: SG::sg-06a16f5c401b779ea
us-east-1: SG::sg-0f4d456d65b49cbcc | SG::sg-0562190d9d9c154da | SG::sg-0fe800a9602ab25ff
us-east-2: SG::sg-05b1211873efb1066
us-west-1: SG::sg-0ac2b6884d3c7f382
us-west-2: SG::sg-037dcb16366f739b8
Recommendation
Data protection in Amazon EC2

VPCFlowLogEnabled

Security
Description
You have 23 VPC has not enable VPC Flow Log. VPC Flow Log provide visibility into network traffic that traverses the VPC.
Resources
ap-northeast-1: VPC::vpc-0ab3a8658cd25c109
ap-northeast-2: VPC::vpc-0ae9b620559740d70
ap-northeast-3: VPC::vpc-06245ca22ea93c96c
ap-south-1: VPC::vpc-08fefc19c6abd7d80
ap-southeast-1: VPC::vpc-065c917cd817f427e | VPC::vpc-06363c3059916c90e
ap-southeast-2: VPC::vpc-0df2ab7aba940c834
ap-southeast-3: VPC::vpc-0652d450f2ab35cd2 | VPC::vpc-0ffbb3d6d50b9623a
ap-southeast-5: VPC::vpc-021cbde25259594b9 | VPC::vpc-0ce9c0784ff09b6b1
ca-central-1: VPC::vpc-0b24c79e1f3663bd9
eu-central-1: VPC::vpc-054f84d91b4742c04
eu-north-1: VPC::vpc-085ff029f3856da68
eu-west-1: VPC::vpc-030d57af9ec0578bd
eu-west-2: VPC::vpc-085d0e0d5a07e9174
eu-west-3: VPC::vpc-01ee905f628fedbe1
sa-east-1: VPC::vpc-0a2a2cba040ba08c5
us-east-1: VPC::vpc-070496984d34d0248 | VPC::vpc-0ba693df999b2fbc8
us-east-2: VPC::vpc-068471871ab842bb8
us-west-1: VPC::vpc-06acdacf8c135f707
us-west-2: VPC::vpc-004f7662a794496b9
Label
Cost Incurred
Recommendation
Amazon Elastic Compute Cloud controls

EC2EIPNotInUse

Cost Optimization
Description
Elastic IP Not In Use: 1 of your Elastic IP is not associated to any instance. Release unused Elastic IP to save cost.
Resources
ap-southeast-1: ElasticIP::eipalloc-09d7799aa3aa4df1f
Recommendation
Elastic IP Charges

EC2DetailedMonitor

Performance Efficiency
Description
Detailed Monitoring: Detailed Monitoring has not been enabled for 2 of your instances. Enable Detailed Monitoring to get monitoring metrics with higher frequency.
Resources
ap-southeast-5: EC2::i-0d3a7302b927b49bb
us-west-2: EC2::i-0b59b7cd02dba50a8
Label
Cost Incurred
Recommendation
Enable Detailed Monitoring

EC2InstancePublicIP

Security
Description
EC2 with Public IP: 1 of your instances associated public IP. Disable unused public IP from instances.
Resources
ap-southeast-5: EC2::i-0d3a7302b927b49bb
Label
Testing Required
Recommendation
Amazon EC2 public IP

EC2InstanceAutoPublicIP

Security
Description
EC2 with Auto Assign IP: 1 of your instances enabled auto-assign public IP. Disable unused public IP from instances.
Resources
ap-southeast-5: EC2::i-0d3a7302b927b49bb
Label
Testing Required
Recommendation
Amazon EC2 public IP

EC2DiskMonitor

Performance Efficiency
Description
EC2 Disk Monitoring: Disk monitoring has not been enabled for 2 of your instances. Install CloudWatch agent and enable the monitoring
Resources
ap-southeast-5: EC2::i-0d3a7302b927b49bb
us-west-2: EC2::i-0b59b7cd02dba50a8
Recommendation
Collecting EC2 metrics with CloudWatch Agent

EC2MemoryMonitor

Performance Efficiency
Description
EC2 Memory Monitoring: Memory monitoring has not been enabled for 2 of your instances. Install CloudWatch agent and enable the monitoring
Resources
ap-southeast-5: EC2::i-0d3a7302b927b49bb
us-west-2: EC2::i-0b59b7cd02dba50a8
Recommendation
Collecting EC2 metrics with CloudWatch Agent

EC2SubnetAutoPublicIP

Security
Description
EC2 Subnet with Auto Assign IP: 2 of your instances has enabled auto-assign public IP in subnet configuration.
Resources
ap-southeast-5: EC2::i-0d3a7302b927b49bb
us-west-2: EC2::i-0b59b7cd02dba50a8
Recommendation
Amazon EC2 public IP

EC2Graviton

Cost Optimization
Description
EC2 instance family with Graviton chips: 2 of your instances can change to instance type powered by Graviton chips.
Resources
ap-southeast-5: EC2::i-0d3a7302b927b49bb
us-west-2: EC2::i-0b59b7cd02dba50a8
Label
Have Downtime
Recommendation
EC2 Linux Migrate to Graviton
What is AWS Graviton

EC2LowUtilization

Cost Optimization
Description
EC2 Low Utilization: 2 of your instances have low utilization. Decrease instance size to save cost.
Resources
ap-southeast-5: EC2::i-0d3a7302b927b49bb
us-west-2: EC2::i-0b59b7cd02dba50a8
Label
Have Downtime Testing Required
Recommendation
Rightsizing Whitepaper

EBSEncrypted

Security
Description
Storage Encyrption: 2 of EBS storage volumes are not encrypted. Enable encryption for EBS volumes to meet security and compliance requirements.
Resources
ap-southeast-5: EBS::vol-088df622bcebd7a03
us-west-2: EBS::vol-058a9449d61cf9461
Label
Have Downtime
Recommendation
Best practices for Amazon EC2

EBSNewGen

Cost Optimization
Description
Storage Type Currency: 2 of EBS volumes are on an older storage type. Upgrade to latest generation of storage type to gain better performance and lower cost
Resources
ap-southeast-5: EBS::vol-088df622bcebd7a03
us-west-2: EBS::vol-058a9449d61cf9461
Label
Have Downtime Performance Impact
Recommendation
Amazon EBS volume types

EBSSnapshot

Reliability
Description
Storage Snapshot: 2 of EBS has no snapshot(s) available. Enable regular backups to prevent data loss.
Resources
ap-southeast-5: EBS::vol-088df622bcebd7a03
us-west-2: EBS::vol-058a9449d61cf9461
Label
Cost Incurred
Recommendation
Best practices for Amazon EC2

ELBSGRulesMatch

Security
Description
ALB Security Group Rules Configuration: 1 of Security Group in your ALBs has different port opened.
Resources
ap-southeast-5: ELB::ecs-te-Publi-06Wsj9bSgyQF
Recommendation
Security groups for Applicatoin Load Balancers

ELBListenerInsecure

Security
Description
Insecure Listener: 1 of ELB listeners are using insecure protocols. Please use secure protocols.
Resources
ap-southeast-5: ELB::ecs-te-Publi-06Wsj9bSgyQF
Recommendation
ALB Configuration Guide

ELBEnableWAF

Security
Description
ALB Web Application Firewall: 1 of your ALBs have not enabled WAF.
Resources
ap-southeast-5: ELB::ecs-te-Publi-06Wsj9bSgyQF
Label
Testing Required Cost Incurred
Recommendation
AWS WAF for Applicatoin Load Balancers

SGDefaultInUsed

Security
Description
Default Security Group: 1 of default security groups are utilized. It is recommended to create custom security group that configured with specific rules.
Resources
ap-southeast-5: SG::sg-0340a45e7f6dfdeef
Recommendation
Best practices for Amazon EC2

SGAllPortOpenToAll

Security
Description
All Ports Open to All: 1 of security group has all port open to all IP. It is recommended to open only specific ports to specific IPs that are required.
Resources
ap-southeast-5: SG::sg-0d56232f5bc4a6a0d
Recommendation
Best practices for Amazon EC2

SGSensitivePortOpenToAll

Security
Description
Sensitive ports open to all: 1 of security group have sensitive ports (DNS, MongoDB, MSSQL, MySQL, NFS, OracleDB PostgreSQL, RDP, SMTP, SMTPS, SSH) open to all IPs. Recommend to open only for required IP.
Resources
ap-southeast-5: SG::sg-0d56232f5bc4a6a0d
Recommendation
Best practices for Amazon EC2

EBSStoppedInstance

Cost Optimization
Description
Storage Utilization: 1 of EBS storage volumes are attached to stopped instances. Remove volumes to reduce the storage cost.
Resources
us-west-2: EBS::vol-058a9449d61cf9461
Recommendation
Delete EBS Volume that you no longer need

EBSLowUtilization

Cost Optimization
Description
EBS Low Utilization: 1 of EBS volume has less than 1 IOPS utilization for past 7 days. Remove volumes that are not required to reduce costs.
Resources
us-west-2: EBS::vol-058a9449d61cf9461
Recommendation
Controlling AWS costs by deleting unused Amazon EBS volumes
Detail
ap-northeast-1

1. sg-0a9a9f1599f78e648

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGDefaultDisallowTraffic Default Security Group with Rules
SGEncryptionInTransit All port allowed Encryption in Transit

2. vpc-0ab3a8658cd25c109

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-0ab3a8658cd25c109 Enable VPC Flow Log
ap-northeast-2

3. sg-0e2f6a031113c6c65

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGEncryptionInTransit All port allowed Encryption in Transit
SGDefaultDisallowTraffic Default Security Group with Rules

4. vpc-0ae9b620559740d70

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-0ae9b620559740d70 Enable VPC Flow Log
ap-northeast-3

5. sg-0f1c015386fdeaef2

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGEncryptionInTransit All port allowed Encryption in Transit
SGDefaultDisallowTraffic Default Security Group with Rules

6. vpc-06245ca22ea93c96c

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-06245ca22ea93c96c Enable VPC Flow Log
ap-south-1

7. sg-0ce181aa24e2327a0

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGEncryptionInTransit All port allowed Encryption in Transit
SGDefaultDisallowTraffic Default Security Group with Rules

8. vpc-08fefc19c6abd7d80

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-08fefc19c6abd7d80 Enable VPC Flow Log
ap-southeast-1

9. sg-0c82e152ce9347073

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGDefaultDisallowTraffic Default Security Group with Rules
SGEncryptionInTransit All port allowed Encryption in Transit

10. sg-0442088071f74e66b

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGDefaultDisallowTraffic Default Security Group with Rules
SGEncryptionInTransit All port allowed Encryption in Transit

11. eipalloc-09d7799aa3aa4df1f

CheckCurrent ValueRecommendation
EC2EIPNotInUse 13.214.96.60 Elastic IP In Use

12. vpc-065c917cd817f427e

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-065c917cd817f427e Enable VPC Flow Log

13. vpc-06363c3059916c90e

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-06363c3059916c90e Enable VPC Flow Log
ap-southeast-2

14. sg-06a87caeacb9bdc1c

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGEncryptionInTransit All port allowed Encryption in Transit
SGDefaultDisallowTraffic Default Security Group with Rules

15. vpc-0df2ab7aba940c834

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-0df2ab7aba940c834 Enable VPC Flow Log
ap-southeast-3

16. sg-09c69789992976af0

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGDefaultDisallowTraffic Default Security Group with Rules
SGEncryptionInTransit All port allowed Encryption in Transit

17. sg-07d450b94849d4deb

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGDefaultDisallowTraffic Default Security Group with Rules
SGEncryptionInTransit All port allowed Encryption in Transit

18. vpc-0652d450f2ab35cd2

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-0652d450f2ab35cd2 Enable VPC Flow Log

19. vpc-0ffbb3d6d50b9623a

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-0ffbb3d6d50b9623a Enable VPC Flow Log
ap-southeast-5

20. i-0d3a7302b927b49bb

CheckCurrent ValueRecommendation
EC2DetailedMonitor Disabled EC2 Detailed Monitoring
EC2InstancePublicIP 43.216.201.81 EC2 with Public IP
EC2InstanceAutoPublicIP 43.216.201.81 EC2 with Auto Assign IP
EC2DiskMonitor Disabled EC2 Disk Monitoring
EC2MemoryMonitor Disabled EC2 Memory Monitoring
EC2SubnetAutoPublicIP subnet-0d6d08450979edaf7 EC2 Subnet with Auto Assign IP
EC2Graviton t3.micro EC2 with AMD chips
EC2LowUtilization EC2 Low Utilization

21. vol-088df622bcebd7a03

CheckCurrent ValueRecommendation
EBSEncrypted False Enable EBS Encryption
EBSNewGen gp2 New EBS Generation Available
EBSSnapshot snap-0de5f85e2c0fd48c0 Enable EBS Snapshot

22. ecs-te-Publi-06Wsj9bSgyQF

CheckCurrent ValueRecommendation
ELBSGRulesMatch sg-0d56232f5bc4a6a0d ALB SG Rules Config
ELBListenerInsecure 80 Insecure Listener
ELBEnableWAF Disabled ALB Web Application Firewall

23. sg-0340a45e7f6dfdeef

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGDefaultInUsed default Default Security Group In Use
SGEncryptionInTransit All port allowed Encryption in Transit
SGDefaultDisallowTraffic Default Security Group with Rules

24. sg-0d56232f5bc4a6a0d

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGAllPortOpenToAll 0.0.0.0/0 All ports open to all
SGEncryptionInTransit All port allowed Encryption in Transit
SGSensitivePortOpenToAll 0.0.0.0/0 Sensitive port open to all.

25. sg-0cdece98aec7d1e6c

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGEncryptionInTransit All port allowed Encryption in Transit
SGDefaultDisallowTraffic Default Security Group with Rules

26. vpc-021cbde25259594b9

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-021cbde25259594b9 Enable VPC Flow Log

27. vpc-0ce9c0784ff09b6b1

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-0ce9c0784ff09b6b1 Enable VPC Flow Log
ca-central-1

28. sg-0807269705e2a7bce

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGEncryptionInTransit All port allowed Encryption in Transit
SGDefaultDisallowTraffic Default Security Group with Rules

29. vpc-0b24c79e1f3663bd9

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-0b24c79e1f3663bd9 Enable VPC Flow Log
eu-central-1

30. sg-061edeb40615f37d8

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGDefaultDisallowTraffic Default Security Group with Rules
SGEncryptionInTransit All port allowed Encryption in Transit

31. vpc-054f84d91b4742c04

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-054f84d91b4742c04 Enable VPC Flow Log
eu-north-1

32. sg-0224dd542e0e0a188

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGDefaultDisallowTraffic Default Security Group with Rules
SGEncryptionInTransit All port allowed Encryption in Transit

33. vpc-085ff029f3856da68

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-085ff029f3856da68 Enable VPC Flow Log
eu-west-1

34. sg-0ee2cf797712225c6

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGDefaultDisallowTraffic Default Security Group with Rules
SGEncryptionInTransit All port allowed Encryption in Transit

35. vpc-030d57af9ec0578bd

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-030d57af9ec0578bd Enable VPC Flow Log
eu-west-2

36. sg-0d712926de8d430e0

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGDefaultDisallowTraffic Default Security Group with Rules
SGEncryptionInTransit All port allowed Encryption in Transit

37. vpc-085d0e0d5a07e9174

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-085d0e0d5a07e9174 Enable VPC Flow Log
eu-west-3

38. sg-0d057db4a24c667d8

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGDefaultDisallowTraffic Default Security Group with Rules
SGEncryptionInTransit All port allowed Encryption in Transit

39. vpc-01ee905f628fedbe1

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-01ee905f628fedbe1 Enable VPC Flow Log
sa-east-1

40. sg-06a16f5c401b779ea

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGEncryptionInTransit All port allowed Encryption in Transit
SGDefaultDisallowTraffic Default Security Group with Rules

41. vpc-0a2a2cba040ba08c5

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-0a2a2cba040ba08c5 Enable VPC Flow Log
us-east-1

42. sg-0f4d456d65b49cbcc

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGDefaultDisallowTraffic Default Security Group with Rules
SGEncryptionInTransit All port allowed Encryption in Transit

43. sg-0562190d9d9c154da

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGEncryptionInTransit All port allowed Encryption in Transit
SGDefaultDisallowTraffic Default Security Group with Rules

44. sg-0fe800a9602ab25ff

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGDefaultDisallowTraffic Default Security Group with Rules
SGEncryptionInTransit All port allowed Encryption in Transit

45. vpc-070496984d34d0248

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-070496984d34d0248 Enable VPC Flow Log

46. vpc-0ba693df999b2fbc8

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-0ba693df999b2fbc8 Enable VPC Flow Log
us-east-2

47. sg-05b1211873efb1066

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGDefaultDisallowTraffic Default Security Group with Rules
SGEncryptionInTransit All port allowed Encryption in Transit

48. vpc-068471871ab842bb8

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-068471871ab842bb8 Enable VPC Flow Log
us-west-1

49. sg-0ac2b6884d3c7f382

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGDefaultDisallowTraffic Default Security Group with Rules
SGEncryptionInTransit All port allowed Encryption in Transit

50. vpc-06acdacf8c135f707

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-06acdacf8c135f707 Enable VPC Flow Log
us-west-2

51. i-0b59b7cd02dba50a8

CheckCurrent ValueRecommendation
EC2DetailedMonitor Disabled EC2 Detailed Monitoring
EC2SubnetAutoPublicIP subnet-064ec9039b1f29b1d EC2 Subnet with Auto Assign IP
EC2MemoryMonitor Disabled EC2 Memory Monitoring
EC2DiskMonitor Disabled EC2 Disk Monitoring
EC2Graviton t3.small EC2 with AMD chips
EC2LowUtilization EC2 Low Utilization

52. vol-058a9449d61cf9461

CheckCurrent ValueRecommendation
EBSEncrypted False Enable EBS Encryption
EBSNewGen gp2 New EBS Generation Available
EBSStoppedInstance Remove EBS attached to Stopped EC2
EBSLowUtilization EBS Low Utilization
EBSSnapshot snap-0287b2519d7933996 Enable EBS Snapshot

53. sg-037dcb16366f739b8

CheckCurrent ValueRecommendation
SGAllPortOpen -1 All ports open.
SGEncryptionInTransit All port allowed Encryption in Transit
SGDefaultDisallowTraffic Default Security Group with Rules

54. vpc-004f7662a794496b9

CheckCurrent ValueRecommendation
VPCFlowLogEnabled vpc-004f7662a794496b9 Enable VPC Flow Log