Checks whether the protection feature provided by Security Center is enabled for all running Elastic Compute Service (ECS) instances. If so, the evaluation result is Compliant.
Scenarios
This rule applies when you need to check whether the protection feature provided by Security Center is enabled for all running ECS instances. This helps improve the security of your system.
Risk level
Default risk level: high.
When you apply this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
- If the protection feature provided by Security Center is enabled for all running ECS instances, the evaluation result is Compliant.
- If the protection feature provided by Security Center is disabled for all running ECS instances, the evaluation result is Incompliant. For more information about how to remediate an incompliant configuration, see Incompliance remediation.
- This rule does not apply to ECS instances that are not in the running state.
Rule details
| Item | Description |
|---|---|
| Rule name | ecs-instance-enabled-security-protection |
| Rule identifier | ecs-instance-enabled-security-protection |
| Tag | ECS, Instance, and SecurityCenter |
| Automatic remediation | Supported |
| Trigger type | Periodic execution |
| Evaluation frequency | Interval of 24 hours |
| Supported resource type | ECS instance |
| Input parameter | None. |
Incompliance remediation
Install the Security Center agent on a running ECS instance. For more information, see Install the Security Center agent.