
Severity: Medium

Description: This control ensures that EC2 instances are not based on older versions of images and are running on newer, more efficient, secured hosts. An EC2 instance is not supposed to run indefinitely in the cloud, and instances that are too old can increase the risk of potential issues. Retiring old instances protects them from irreparable hardware failure and security risks. It is recommended to stop and relaunch old EC2 instances, as this reallocates them to a different and more reliable underlying host machine.

Remediation Steps:

Perform the following steps to update older instances:

  1. Log in to the AWS Management Console at

  2. Navigate to EC2 console.

  3. In the navigation pane, under Instances, choose Instances.

  4. Choose the reported EC2 instance from the list.

  5. Select the Actions menu, then choose Image and templates, Create image.

  6. On the Create image page, enter Image name and Image description. For No reboot, select Disable. Set Instance volumes and Tags.

  7. Select Create image.

  8. Once the AMI is created, choose AMIs. Select Launch instance from the new AMI.

  9. On the old instance, select Terminate to delete the instance.
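
To find the instances this control would report before walking through the steps above, the age check can be run over `aws ec2 describe-instances` JSON output. The following is an added example, not part of the original page or the vendor's scanner; the 180-day threshold, the function names and the sample data are assumptions, and the instance and image IDs are constructed.

```python
from datetime import datetime, timedelta, timezone

MAX_AGE_DAYS = 180  # assumed threshold; the page does not define "old"

# Constructed sample in the shape of `aws ec2 describe-instances` JSON output.
SAMPLE_RESPONSE = {"Reservations": [{"Instances": [
    {"InstanceId": "i-0aaaaaaaaaaaaaaa1", "ImageId": "ami-0aaaaaaaaaaaaaaa1",
     "LaunchTime": "2022-03-01T08:00:00+00:00", "State": {"Name": "running"}},
    {"InstanceId": "i-0aaaaaaaaaaaaaaa2", "ImageId": "ami-0aaaaaaaaaaaaaaa2",
     "LaunchTime": "2024-05-10T12:30:00.000Z", "State": {"Name": "running"}},
    {"InstanceId": "i-0aaaaaaaaaaaaaaa3", "ImageId": "ami-0aaaaaaaaaaaaaaa1",
     "LaunchTime": "2021-01-01T00:00:00+00:00", "State": {"Name": "terminated"}},
    {"InstanceId": "i-0aaaaaaaaaaaaaaa4", "ImageId": "ami-0aaaaaaaaaaaaaaa1",
     "LaunchTime": "2023-06-01T00:00:00+00:00", "State": {"Name": "stopped"}},
]}]}


def parse_launch_time(value):
    """Parse LaunchTime; the timestamp may end in 'Z' or a numeric UTC offset."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def find_old_instances(response, now, max_age_days=MAX_AGE_DAYS):
    """Return instances launched more than max_age_days before `now`, oldest first."""
    cutoff = now - timedelta(days=max_age_days)
    findings = []
    for reservation in response.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            # Instances already terminated or terminating need no remediation.
            if inst.get("State", {}).get("Name") in ("shutting-down", "terminated"):
                continue
            launched = parse_launch_time(inst["LaunchTime"])
            if launched < cutoff:
                findings.append({
                    "instance_id": inst["InstanceId"],
                    "image_id": inst.get("ImageId"),
                    "state": inst["State"]["Name"],
                    "age_days": (now - launched).days,
                })
    return sorted(findings, key=lambda f: f["age_days"], reverse=True)


if __name__ == "__main__":
    for f in find_old_instances(SAMPLE_RESPONSE, datetime.now(timezone.utc)):
        print(f"{f['instance_id']} ({f['state']}, {f['image_id']}): {f['age_days']} days old")
```

Stopped instances are included in the result because they still count as old instances to be replaced; only terminated or terminating ones are skipped.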


Reference:

Blue Hexagon Proprietary