Unused AWS EC2 Key Pairs Should Be Removed
More Info:
Unused AWS EC2 key pairs should be decommissioned to follow best practices.Risk Level
MediumAddress
SecurityCompliance Standards
AWSWAFTriage and Remediation
Remediation
Using Console
Using Console
Sure, here are the step-by-step instructions to remediate the issue of Unused AWS EC2 Key Pairs Should Be Removed in AWS using AWS console:
- Login to AWS console and navigate to the EC2 dashboard.
- Click on the “Key Pairs” option from the left-hand side menu.
- Review the list of key pairs that are available. Identify the key pairs that are not being used by any instances.
- Select the unused key pairs and click on “Actions” button.
- From the drop-down menu, select “Delete Key Pair”.
- A confirmation window will appear, click on “Delete” to confirm the deletion of the key pair.
- Repeat this process for all unused key pairs.
Using CLI
Using CLI
Here are the step-by-step instructions to remediate the issue of unused AWS EC2 Key Pairs using AWS CLI:
- Open the AWS CLI on your local machine or EC2 instance.
- Use the following command to list all the available key pairs:
- Identify the key pairs that are not in use and note down their key pair names.
- Use the following command to delete the unused key pairs:
- Replace
<key-pair-name>with the actual name of the key pair you want to delete. - Repeat step 4 for all the unused key pairs.
- Verify that the unused key pairs have been removed by running the command in step 2 again.
Using Python
Using Python
Sure, here are the step-by-step instructions to remediate the misconfiguration of unused AWS EC2 key pairs using Python:
- Import the necessary libraries:
- Create a boto3 EC2 client:
- Retrieve all the key pairs in the AWS account:
- Loop through the key pairs and check if they are associated with any running instances:
- The above code will delete all the unused key pairs in the AWS account.