top of page
EC2.4
Stopped EC2 instances should be removed after a specified time period
Severity
Cloud Platforms
Resources
Related Standards
Automated
MEDIUM
AWS
Amazon EC2
AWS Foundational Best Practice, AWS Well-Architected, NIST.800-53.r5,
This control checks whether any EC2 instances have been stopped for more than the allowed number of days. An EC2 instance fails this check if it is stopped for longer than the maximum allowed time period; which by default is 30 days.
bottom of page