Auto Scaling group launch configuration should configure EC2 instances to require IMDSv2

Description

This control checks whether an Amazon EC2 Auto Scaling launch configuration enforces version 2 of the Instance Metadata Service (IMDSv2). The control fails if the http_tokens field in the metadata_options settings is not set to required.

IMDSv2 introduces important additional security features that enhance the protection of your EC2 instances compared to IMDSv1.
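
The pass/fail logic described above, as an added example that is not the control's own implementation: it evaluates launch configuration records given either with the page's snake_case field names or in the PascalCase shape of the Auto Scaling API response (MetadataOptions.HttpTokens), and fails closed when the setting is absent. The helper names, the record layout and the sample data are assumptions constructed for illustration.

```python
# Added example: evaluate launch configuration records against the control.
# Helper names, record layout and SAMPLE are constructed, not from the page.

def _get(d, *keys):
    """Return the value of the first key present in d, else None."""
    if isinstance(d, dict):
        for k in keys:
            if k in d:
                return d[k]
    return None

def evaluate(launch_config):
    """Return (passed, reason) for one launch configuration record."""
    opts = _get(launch_config, "metadata_options", "MetadataOptions")
    if not opts:
        # No metadata options at all means http_tokens is not set to required.
        return False, "metadata_options missing"
    tokens = _get(opts, "http_tokens", "HttpTokens")
    if tokens is None:
        return False, "http_tokens not set"
    if tokens != "required":
        return False, f"http_tokens is {tokens!r}"
    return True, "http_tokens is required"

def failing(configs):
    """Map each failing launch configuration name to the reason it fails."""
    out = {}
    for cfg in configs:
        name = _get(cfg, "name", "LaunchConfigurationName") or "<unnamed>"
        passed, reason = evaluate(cfg)
        if not passed:
            out[name] = reason
    return out

# Constructed sample records.
SAMPLE = [
    {"name": "web-lc", "metadata_options": {"http_tokens": "required"}},
    {"name": "batch-lc", "metadata_options": {"http_tokens": "optional"}},
    {"name": "legacy-lc"},
    {"LaunchConfigurationName": "api-lc",
     "MetadataOptions": {"HttpTokens": "required"}},
]

if __name__ == "__main__":
    for name, reason in failing(SAMPLE).items():
        print(f"FAIL {name}: {reason}")
```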

Remediation

For guidance on creating secure Auto Scaling launch configurations, refer to the Configure the instance metadata options section of the Amazon EC2 Auto Scaling User Guide.