AWS-028 Amazon Web Services (AWS)
Public-facing EC2 instances are intentional and minimal.
- Domain: Amazon Web Services (AWS)
- Area: Compute
- Automated / manual: Manual
Risk if it fails
Unintended public instances expand attack surface.
Each internet-facing server is a target. An unintended public box with an unpatched service is an easy first foothold for an intruder.
How Tess tests it
1 test — each concludes only on cited evidence.
Manual
Procedure
- List instances with public IPs and validate each against an approved inventory.
Read-only command
aws ec2 describe-instances --query 'Reservations[].Instances[?PublicIpAddress!=null].{Id:InstanceId,IP:PublicIpAddress}'
(then review)
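One way to carry out the "then review" step, as an added example that is not part of the original page or of Tess: it parses the JSON output of the command above and compares it with an approved inventory. The inventory format (instance ID mapped to an approved public IP), the function names, and all sample IDs and IPs are assumptions constructed for illustration.

```python
import json


def flatten(node):
    """Yield the {Id, IP} records from the CLI output.

    The query as written projects per reservation, so the JSON is a list of
    lists (with empty lists for reservations that have no public instance).
    """
    if isinstance(node, dict):
        yield node
    elif isinstance(node, list):
        for child in node:
            yield from flatten(child)


def review_public_instances(cli_json, approved):
    """Compare the command's JSON output with an approved inventory.

    approved: dict of instance ID -> approved public IP (None = any IP).
    This inventory shape is an assumption for the example.
    """
    public = {rec["Id"]: rec["IP"] for rec in flatten(json.loads(cli_json))}
    return {
        # Public but never approved: the finding this control is about.
        "unapproved": sorted(i for i in public if i not in approved),
        # Approved, but the public IP no longer matches the inventory.
        "ip_changed": sorted(i for i in public if i in approved
                             and approved[i] not in (None, public[i])),
        # In the inventory but not currently public: inventory needs cleanup.
        "stale": sorted(i for i in approved if i not in public),
    }


# Constructed sample output and inventory (documentation IP ranges).
SAMPLE_OUTPUT = """
[
  [{"Id": "i-0aaa1111bbbb2222c", "IP": "203.0.113.10"}],
  [],
  [{"Id": "i-0ddd3333eeee4444f", "IP": "203.0.113.25"},
   {"Id": "i-0123456789abcdef0", "IP": "198.51.100.7"}]
]
"""
SAMPLE_APPROVED = {
    "i-0aaa1111bbbb2222c": "203.0.113.10",
    "i-0123456789abcdef0": "198.51.100.99",
    "i-0fff5555aaaa6666b": None,
}

if __name__ == "__main__":
    print(json.dumps(review_public_instances(SAMPLE_OUTPUT, SAMPLE_APPROVED), indent=2))
```

The command only covers the region the CLI is configured for, so the comparison has to be repeated for every region in use.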