AWS re:Postを使用することにより、以下に同意したことになります AWS re:Post 利用規約
AWS re:Postre:Post

VSCode Extension Installations on EC2 Server & Risk Evaluation

0

A customer would like to install vs-code extensions to their EC2 (for example, the official GitHub Copilot extension). These extensions will be stored in the folder /home/ec2-user/.vscode-server/extensions.

The customer like to understand any forseen security vulnerabilities introduced by this? if there are potential risks, are there any advice to evaluate & minimise any security risk of vulnerabilities.

トピック
計算するAWS Well-Architected Framework
タグ
Amazon EC2セキュリティ
言語
English
Dennis
質問済み 4ヶ月前229ビュー
2回答
0
承認された回答

Hello,

Thank you for your post,

Please note that, as vscode extension is handled by third party developer(based on the extension) thus I will not be able to comment on the vulnerabilities of the extensions.

However as a recommendation, you may scan your EC2 instance using tool like Amazon Inspector to detect if there are any vulnerabilities getting captured post adding the extension and take further action for the remediation.

[+] https://aws.amazon.com/inspector/

You may also have look at the best practices for your EC2 instance to make it more secure.

[+] https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-best-practices.html

AWS
サポートエンジニア
Deepak_J
回答済み 3ヶ月前
0

Hi Deepak, thanks & appreciate your sharing.

Dennis
回答済み 3ヶ月前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ