---
title: Auto Scaling group launch configuration should not assign public IP addresses
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > Auto Scaling group launch configuration
  should not assign public IP addresses
---

# Auto Scaling group launch configuration should not assign public IP addresses
 
## Description{% #description %}

This control examines whether the launch configuration of an Auto Scaling group assigns a public IP address to its instances. The control fails if the launch configuration enables public IP addresses to be assigned.

Instances within an Auto Scaling group should not be assigned a public IP address, except in specific, limited scenarios. EC2 instances should typically be accessed through a load balancer rather than being directly exposed to the internet.

## Remediation{% #remediation %}

For guidance on updating Auto Scaling launch configurations, refer to the [Change the launch configuration for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/change-launch-config.html) section of the Amazon EC2 Auto Scaling User Guide.