No Public Ip | Vulnerability Database

Launch configuration should not have a public IP address.

You should limit the provision of public IP addresses for resources. Resources should not be exposed on the public internet, but should have access limited to consumers required for the function of your application.

Impact

Recommended Actions

Follow the appropriate remediation steps below to resolve the issue.

Set the instance to not be publicly accessible

1
2
3
4
5
6


Resources:
  GoodExample:
    Type: AWS::AutoScaling::LaunchConfiguration
    Properties:
      ImageId: ami-123456
      InstanceType: t2.small

Set the instance to not be publicly accessible

1
2
3


resource "aws_launch_configuration" "good_example" {
  associate_public_ip_address = false
}

Remediation Links

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/launch_configuration#associate_public_ip_address
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#associate_public_ip_address