Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

VSCode Extension Installations on EC2 Server & Risk Evaluation

0

A customer would like to install vs-code extensions to their EC2 (for example, the official GitHub Copilot extension). These extensions will be stored in the folder /home/ec2-user/.vscode-server/extensions.

The customer like to understand any forseen security vulnerabilities introduced by this? if there are potential risks, are there any advice to evaluate & minimise any security risk of vulnerabilities.

Argomenti
ComputazionaliAWS Well-Architected Framework
Tag
Amazon EC2Sicurezza
Lingua
English
Dennis
posta 4 mesi fa229 visualizzazioni
2 Risposte
0
Risposta accettata

Hello,

Thank you for your post,

Please note that, as vscode extension is handled by third party developer(based on the extension) thus I will not be able to comment on the vulnerabilities of the extensions.

However as a recommendation, you may scan your EC2 instance using tool like Amazon Inspector to detect if there are any vulnerabilities getting captured post adding the extension and take further action for the remediation.

[+] https://aws.amazon.com/inspector/

You may also have look at the best practices for your EC2 instance to make it more secure.

[+] https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-best-practices.html

AWS
TECNICO DI SUPPORTO
Deepak_J
con risposta 3 mesi fa
0

Hi Deepak, thanks & appreciate your sharing.

Dennis
con risposta 3 mesi fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente