EC2 Instance Monitoring Disabled

Query id: 0264093f-6791-4475-af34-4b8102dcbcd0
Query name: EC2 Instance Monitoring Disabled
Platform: CloudFormation
Severity: Medium
Category: Observability
CWE: 778
URL: Github

Description¶

EC2 Instance should have detailed monitoring enabled. With detailed monitoring enabled data is available in 1-minute periods
Documentation

Code samples¶

Code samples with security vulnerabilities¶

Positive test num. 1 - yaml file

Resources:
  MyEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-12345678
      InstanceType: t2.micro
      Monitoring: false

Positive test num. 2 - yaml file

Resources:
  MyEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-12345678
      InstanceType: t2.micro

Code samples without security vulnerabilities¶

Negative test num. 1 - yaml file

Resources:
  MyEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-12345678
      InstanceType: t2.micro
      Monitoring: true