top of page

EC2.4

Stopped EC2 instances should be removed after a specified time period

Severity

Cloud Platforms

Resources

Related Standards

Automated

MEDIUM

AWS

Amazon EC2

AWS Foundational Best Practice, AWS Well-Architected, NIST.800-53.r5,

This control checks whether any EC2 instances have been stopped for more than the allowed number of days. An EC2 instance fails this check if it is stopped for longer than the maximum allowed time period; which by default is 30 days.

bottom of page