AWS_IAM_19

Ensure IAM instance roles are used for AWS resource access from instances

Description

AWS access from within AWS instances can be done either by encoding AWS keys into AWS API calls or by assigning the instance a role that has an appropriate permissions policy for the required access. “AWS access” means accessing the APIs of AWS in order to access AWS resources or manage AWS account resources.

Remediation

An IAM role can be attached to an instance that has no role while the instance is in either the stopped or running state.

To attach an IAM role to an instance:

1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.

2. In the navigation pane, choose Instances.

3. Select the instance, choose Actions, Instance Settings, Attach/Replace IAM role.

4. Select the IAM role to attach to your instance, and choose Apply.
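
To find the instances that need the steps above, the following added example (not part of the original rule text or of any vendor's check) flags EC2 instances that have no IAM instance profile attached. The sample response and instance IDs are constructed; `instances_without_role` and `audit_region` are hypothetical helper names, and `audit_region` assumes boto3 is installed and the caller has `ec2:DescribeInstances` permission.

```python
"""Added example: flag EC2 instances that have no IAM instance profile attached."""

# Constructed sample shaped like an EC2 DescribeInstances response (IDs are made up).
SAMPLE_RESPONSE = {
    "Reservations": [
        {"Instances": [
            {"InstanceId": "i-0aaa1111example01", "State": {"Name": "running"},
             "IamInstanceProfile": {
                 "Arn": "arn:aws:iam::111122223333:instance-profile/app-role",
                 "Id": "AIPAEXAMPLEPROFILEID"}},
            {"InstanceId": "i-0bbb2222example02", "State": {"Name": "running"}},
        ]},
        {"Instances": [
            {"InstanceId": "i-0ccc3333example03", "State": {"Name": "stopped"}},
            {"InstanceId": "i-0ddd4444example04", "State": {"Name": "terminated"}},
        ]},
    ]
}

# Instances that are going away cannot be remediated, so they are not reported.
IGNORED_STATES = {"shutting-down", "terminated"}


def instances_without_role(pages):
    """Return [(instance_id, state)] for instances with no instance profile."""
    findings = []
    for page in pages:
        for reservation in page.get("Reservations", []):
            for inst in reservation.get("Instances", []):
                state = inst.get("State", {}).get("Name", "unknown")
                if state in IGNORED_STATES:
                    continue
                # The key is absent when no role is attached to the instance.
                if not inst.get("IamInstanceProfile"):
                    findings.append((inst["InstanceId"], state))
    return findings


def audit_region(region):
    """Live variant (assumption: boto3 available, ec2:DescribeInstances allowed)."""
    import boto3  # imported lazily so the offline sample runs without it
    ec2 = boto3.client("ec2", region_name=region)
    return instances_without_role(ec2.get_paginator("describe_instances").paginate())


if __name__ == "__main__":
    for instance_id, state in instances_without_role([SAMPLE_RESPONSE]):
        print(f"{instance_id} ({state}): no IAM role attached")
```

Stopped instances are reported alongside running ones because a role can be attached in either state.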

Service

IAM

Severity

Medium

Compliance

Mapping
