EC2 instance monitoring disabled

Docs > Datadog Security > Code Security > Infrastructure as Code (IaC) Security > IaC Security Rules > EC2 instance monitoring disabled

Metadata

Id: 0264093f-6791-4475-af34-4b8102dcbcd0

Cloud Provider: AWS

Platform: CloudFormation

Severity: Medium

Category: Observability

Learn More

Provider Reference

Description

EC2 instances should have detailed (1-minute) monitoring enabled to improve detection and response to performance and security incidents and to provide higher-resolution metrics for investigations and alerting. In CloudFormation, the AWS::EC2::Instance resource must include the Monitoring property set to true. Resources missing Monitoring or with Monitoring set to false will be flagged.

MyInstance:
  Type: AWS::EC2::Instance
  Properties:
    InstanceType: t3.micro
    ImageId: ami-0123456789abcdef0
    Monitoring: true

Compliant Code Examples

Resources:
  MyEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-12345678
      InstanceType: t2.micro
      Monitoring: true

Non-Compliant Code Examples

Resources:
  MyEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-12345678
      InstanceType: t2.micro

Resources:
  MyEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-12345678
      InstanceType: t2.micro
      Monitoring: false