EC2 instances should not be publicly accessible

Description

This validation checks whether EC2 instances are publicly accessible, that is, whether they carry a public IPv4 or an IPv6 address. A private IPv4 address is reachable only from within the same VPC or from a connected private network.

IPv6 addresses are globally unique and reachable from the internet; by default, however, a subnet's IPv6 addressing attribute is set to false, so instances receive no IPv6 address unless that attribute is enabled. For further details on IPv6, refer to IP addressing in your VPC in the Amazon VPC User Guide.

If public accessibility for an EC2 instance is intentional, you have the option to mute the findings from this validation.
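
The following is an added example of how such a validation can be evaluated locally; it is not code from the original page or from AWS. It takes the JSON structure returned by `aws ec2 describe-instances` (or boto3's `describe_instances`) and flags any non-terminated instance that has a public IPv4 address on any network interface (including an Elastic IP on a secondary interface, which the instance-level `PublicIpAddress` field does not reflect) or any IPv6 address, since IPv6 addresses in a VPC are globally routable. The sample response, instance ids, interface ids and addresses are constructed placeholders; `evaluate_live_account` is an assumed helper that merges all pages of describe-instances output and needs credentials and boto3.

```python
"""Evaluate "EC2 instances should not be publicly accessible" over describe-instances output."""
from __future__ import annotations

# Constructed sample shaped like `aws ec2 describe-instances` output.
# All ids and addresses are placeholders, not real resources.
SAMPLE_DESCRIBE_INSTANCES = {
    "Reservations": [{"Instances": [
        {   # private-only instance: compliant
            "InstanceId": "i-0private0000000001",
            "State": {"Name": "running"},
            "PrivateIpAddress": "10.0.1.10",
            "NetworkInterfaces": [
                {"NetworkInterfaceId": "eni-0000000000000000a",
                 "PrivateIpAddress": "10.0.1.10", "Ipv6Addresses": []}],
        },
        {   # public IPv4 on the primary interface: non-compliant
            "InstanceId": "i-0public00000000002",
            "State": {"Name": "running"},
            "PrivateIpAddress": "10.0.2.20",
            "PublicIpAddress": "203.0.113.7",
            "NetworkInterfaces": [
                {"NetworkInterfaceId": "eni-0000000000000000b",
                 "PrivateIpAddress": "10.0.2.20",
                 "Association": {"PublicIp": "203.0.113.7"}, "Ipv6Addresses": []}],
        },
        {   # no instance-level PublicIpAddress, but an IPv6 address on the
            # primary interface and an Elastic IP on a secondary interface
            "InstanceId": "i-0ipv6secondary0003",
            "State": {"Name": "running"},
            "PrivateIpAddress": "10.0.3.30",
            "NetworkInterfaces": [
                {"NetworkInterfaceId": "eni-0000000000000000c",
                 "PrivateIpAddress": "10.0.3.30",
                 "Ipv6Addresses": [{"Ipv6Address": "2001:db8:1::30"}]},
                {"NetworkInterfaceId": "eni-0000000000000000d",
                 "PrivateIpAddress": "10.0.3.31",
                 "Association": {"PublicIp": "198.51.100.9"}, "Ipv6Addresses": []}],
        },
        {   # terminated instance: skipped, nothing is reachable any more
            "InstanceId": "i-0terminated0000004",
            "State": {"Name": "terminated"},
            "PublicIpAddress": "203.0.113.99",
            "NetworkInterfaces": [],
        },
    ]}]
}


def public_exposure(instance: dict) -> list[str]:
    """Return the reasons an instance is publicly reachable (empty list if compliant)."""
    reasons: list[str] = []
    if instance.get("PublicIpAddress"):
        reasons.append(f"public IPv4 {instance['PublicIpAddress']}")
    for eni in instance.get("NetworkInterfaces", []):
        eni_id = eni.get("NetworkInterfaceId", "?")
        public_ip = eni.get("Association", {}).get("PublicIp")
        # Report interface-level public IPv4 (e.g. Elastic IP on a secondary
        # interface) without repeating the primary interface's address.
        if public_ip and public_ip != instance.get("PublicIpAddress"):
            reasons.append(f"public IPv4 {public_ip} on {eni_id}")
        # Every VPC IPv6 address is globally routable, so each one counts.
        for addr in eni.get("Ipv6Addresses", []):
            reasons.append(f"IPv6 {addr['Ipv6Address']} on {eni_id}")
    return reasons


def find_public_instances(response: dict) -> dict[str, list[str]]:
    """Map instance id -> exposure reasons for non-compliant, still-existing instances."""
    findings: dict[str, list[str]] = {}
    for reservation in response.get("Reservations", []):
        for instance in reservation.get("Instances", []):
            if instance.get("State", {}).get("Name") in ("terminated", "shutting-down"):
                continue
            reasons = public_exposure(instance)
            if reasons:
                findings[instance["InstanceId"]] = reasons
    return findings


def evaluate_live_account() -> dict[str, list[str]]:
    """Assumed helper: run the check against the caller's AWS account (needs boto3 + credentials)."""
    import boto3  # imported lazily so the offline sample path has no dependency
    paginator = boto3.client("ec2").get_paginator("describe_instances")
    merged = {"Reservations": [r for page in paginator.paginate()
                               for r in page["Reservations"]]}
    return find_public_instances(merged)


if __name__ == "__main__":
    for instance_id, reasons in find_public_instances(SAMPLE_DESCRIBE_INSTANCES).items():
        print(f"{instance_id}: {'; '.join(reasons)}")
```

Run as-is it reports only the two constructed non-compliant instances; instances that are intentionally public can be excluded from `findings` by id, matching the page's note about muting findings. For the remediation described below, the CLI equivalents are `aws ec2 modify-subnet-attribute --subnet-id <subnet-id> --no-map-public-ip-on-launch` for the subnet default and `--no-associate-public-ip-address` on `aws ec2 run-instances` for a per-instance override.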

Remediation

Refer to the section on Modifying the public IPv4 addressing attribute for your subnet in the Amazon VPC User Guide for detailed instructions.

You can also enable or disable public IP addressing for an individual instance during the launch process; this per-instance setting overrides the subnet's default. See Assign a public IPv4 address during instance launch in the Amazon EC2 User Guide for Linux Instances for more information.

For more guidance on public IPv4 addresses and external DNS hostnames, see the Amazon EC2 User Guide for Linux Instances.