No ec2 classic remediation

Using Console

Using CLI

To remediate the EC2 Classic misconfiguration in AWS using AWS CLI, follow these steps:

Open the AWS CLI on your local machine or EC2 instance.
Run the following command to describe your VPCs:

aws ec2 describe-vpcs

Identify the VPC that you want to use for your EC2 instances.
Run the following command to create a new security group in the VPC:

aws ec2 create-security-group --group-name my-security-group --description "My security group" --vpc-id <vpc-id>

Replace <vpc-id> with the ID of the VPC that you want to use.

Run the following command to authorize inbound traffic to the security group:

aws ec2 authorize-security-group-ingress --group-id <security-group-id> --protocol tcp --port 22 --cidr 0.0.0.0/0

Replace <security-group-id> with the ID of the security group that you created in step 4.

Launch your EC2 instance in the VPC that you identified in step 3, and specify the security group that you created in step 4.
Verify that your EC2 instance is running in the VPC by running the following command:

aws ec2 describe-instances --instance-ids <instance-id>

Replace <instance-id> with the ID of your EC2 instance.

Once you have verified that your EC2 instance is running in the correct VPC, terminate any instances that are running in EC2 Classic.

Note: Before terminating any instances, make sure that you have migrated any data or applications to the new VPC.

Using Python

To remediate the “EC2 Classic Should Not Be Used” misconfiguration in AWS using Python, you can follow the below steps:

Identify all the EC2 instances in the account that are running in the EC2 Classic environment. You can use the boto3 library to list all the instances and check their VPC ID.

import boto3

ec2_client = boto3.client('ec2')

response = ec2_client.describe_instances(
    Filters=[
        {
            'Name': 'instance-state-name',
            'Values': ['running']
        }
    ]
)

for reservation in response['Reservations']:
    for instance in reservation['Instances']:
        if 'VpcId' not in instance:
            # This instance is running in the EC2 Classic environment
            # Add remediation steps for this instance

For each EC2 Classic instance, launch a new instance in a VPC. You can use the run_instances method of the EC2 client to launch a new instance. Make sure to specify the correct VPC ID and subnet ID in the NetworkInterfaces parameter.

response = ec2_client.run_instances(
    ImageId='ami-0c55b159cbfafe1f0',
    InstanceType='t2.micro',
    KeyName='my-key-pair',
    MaxCount=1,
    MinCount=1,
    NetworkInterfaces=[
        {
            'DeviceIndex': 0,
            'AssociatePublicIpAddress': True,
            'SubnetId': 'subnet-12345678',
            'Groups': ['sg-0123456789abcdef0'],
            'DeleteOnTermination': True
        }
    ]
)

new_instance_id = response['Instances'][0]['InstanceId']

Once the new instance is launched, you can terminate the old instance running in the EC2 Classic environment. You can use the terminate_instances method of the EC2 client to terminate an instance.

ec2_client.terminate_instances(
    InstanceIds=['i-0123456789abcdef0']
)

Repeat steps 2 and 3 for all the EC2 Classic instances in the account.

Note: Before implementing any remediation steps, it is recommended to test them in a non-production environment and ensure that they do not cause any unintended side effects.

AWS Introduction

AWS Pricing

AWS Threats

AWS Misconfigurations

No ec2 classic remediation

Triage and Remediation

Remediation