Complete a 3 Question Survey and Earn a re:Post Badge

Help improve AWS Support Official channel in re:Post and share your experience - complete a quick three-question survey to earn a re:Post badge!

AWS security notification: EC2 instances vulnerable to log4j vulnerability

Based on the AWS security notification some of the EC2 instances were vulnerable to log4j vulnerability. We updated the EC2 instance to use IMDSv2 and disabled IMDSv1 using the below command:

aws ec2 modify-instance-metadata-options --instance-id <<instance_id>> -http-tokens required --http-endpoint enabled Will this be sufficient or should we take into consideration any other measures?

Topics

Compute AWS Well-Architected Framework

Relevant content

Kinesis agent using log4j -zero day vulnerable version
AWS-User-2539645
asked 3 years ago
AWS EKS/AWS Inspector and Package Vulnerability
Accepted Answer
myronix88
asked 2 years ago
Question About Vulnerability Results in AWS Inspector
mohammed0183
asked 5 months ago
Vulnerability scanner For AWS
mohammed0183
asked 7 months ago
How do I make sure that my Amazon EC2 Linux instance is updated with the latest patches and security updates?
AWS OFFICIALUpdated 7 months ago
How do I use AWS WAF to protect my Amazon EC2 instance?
AWS OFFICIALUpdated a year ago
How do I set up Amazon Inspector Classic to run security assessments on my Amazon EC2 instances?
AWS OFFICIALUpdated 3 years ago
How do I secure my Amazon ECS container instance with best practices and hardening techniques?
AWS OFFICIALUpdated 4 months ago
Detecting EC2 Instances Exposed to Unrestricted SSH Access
EXPERT
Yaniv Rozenboim
published 9 months ago
AWS re:Invent 2024 - Securing Amazon ECS workloads with AWS Signer and Amazon GuardDuty
EXPERT
Henrique Santana
published 4 months ago