UNKNOWN
Source
CloudSploit
ID
detect-ec2-classic-instances

Detect EC2 Classic Instances

Ensures AWS VPC is being used for instances instead of EC2 Classic

VPCs are the latest and more secure method of launching AWS resources. EC2 Classic should not be used.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log in to the AWS Management Console.

  2. Select the “Services” option and search for EC2. Step

  3. On the EC2 dashboard, check the “Account Attributes”.If the supported platform status set to VPC and EC2, then the selected account support both EC2-Classic and EC2-VPC platforms.Step

  4. Select the “Instances” option on the left navigation panel to verify whether any instances are lunch under “EC2-Classic.”Step

  5. Select the “EC2 instance” and select the “Description” tab from the bottom panel. If the “VPC Id” parameter has no value assigned, the selected EC2 instance was launched within the EC2-Classic.Step

  6. Repeat steps number 2 - 5 to verify other “EC2 instances” in the selected region.

  7. Navigate to “Instances” under the EC2 dashboard and copy all the Security Group settings of your selected instance.Step

  8. Select the “EC2-Classic” instance and select the “Action” button from the top menu. Select the “Image” option and select the “Create Image” to create the AMI of the selected “EC2-Classic” Instance.Step

  9. On the “Create Image” tab enter the Image Name and Image Description and click on the “Create Image” option at the bottom to make the changes.Step

  10. Navigate to “AMIs” under “Images” and once the AMI is ready, select the “EC2-Classic” AMI and click on the “Launch” button at the top.Step

  11. Select the “Instance Type” as per the requirement and click on the “Next: Configure Instance Details” button at the bottom.Step

  12. On the “Configure Instance Details” page, select the “VPC” option under Network and make other changes as per requirement. Click on the “Next: Add Storage” button at the bottom and select the “Storage” as per the need.Step

  13. On the “Security Group” page, enter the same rules which we copied in Step7 and click on the “Review and Lunch” button. Step

  14. Click on the “View Instances” option to return to the Instance page and check whether the new EC2-VPC instance have clear all the status check and is healthy and working fine.Step

  15. Once the new EC2-VPC instance is working fine, terminate the older EC2-Classic instance.

  16. Repeat steps number 7 - 15 to migrate instances from EC2 Classic to VPC.