AWS security notification: EC2 instances vulnerable to log4j vulnerability

0

Based on the AWS security notification some of the EC2 instances were vulnerable to log4j vulnerability. We updated the EC2 instance to use IMDSv2 and disabled IMDSv1 using the below command:

aws ec2 modify-instance-metadata-options --instance-id <<instance_id>> -http-tokens required --http-endpoint enabled Will this be sufficient or should we take into consideration any other measures?

主題

運算 AWS Well-Architected Framework

標籤

Linux 佈建 Amazon EC2 安全性

語言

English

已提問 2 年前檢視次數 545 次

1 個回答

最新
最多得票
最多評論

1

We have full recommendations located here: https://aws.amazon.com/blogs/security/using-aws-security-services-to-protect-against-detect-and-respond-to-the-log4j-vulnerability/

已回答 2 年前

相關內容

amazon polly使用字數異常增加(The characters increased for no reason)
ys_1004
已提問 9 個月前
EC2顯示運作正常，但實際卻無法連線
zhen
已提問 6 個月前
EC2 執行個體停止多久後會開始收取彈性IP費用?
li
已提問 6 個月前
步驟 1 中指定的啟動範本無效︰You are not authorized to perform this operation
Bao
已提問 4 個月前
如何解決在嘗試刪除 Amazon EC2 backup 時出現的「This image is managed by AWS Backup and cannot be deleted via EC2 APIs.To delete this image, please use the AWS Backup APIs, CLI, or console.」錯誤？
AWS 官方已更新 10 個月前
使用 AWS CLI 承擔 IAM 角色時，如何對 AWS STS 錯誤 “the security token included in the request is expired (請求中包含的安全字符已過期)” 進行疑難排解？
AWS 官方已更新 2 年前
如何解決 AWS Organizations 的錯誤 "You have exceeded the allowed number of AWS accounts." (您已超過允許的 AWS 帳戶數。)？
AWS 官方已更新 1 年前
為什麼我的影像建置管道發生故障，並在 Image Builder 中顯示錯誤訊息「Step timed out while step is verifying the Systems Manager Agent availability on the target instance(s)」(步驟在驗證目標執行個體上的 Systems Manager Agent 是否可用時發生逾時)？
AWS 官方已更新 2 年前