Ensure multiple ENIs are not attached to a single AWS Instance

LOW

Description

Attaching multiple Elastic Network Interfaces (ENIs) to a single EC2 instance makes it dual-homed (or multi-homed): the instance has a foothold in more than one subnet, each ENI carrying its own security groups and each subnet its own route table. This increases network complexity and can introduce unintended paths between network segments, for example bridging a public subnet and a private one. An attacker who compromises the instance can then use it as a pivot to reach resources that the segmentation was meant to isolate, leading to unauthorized access.

Remediation

In AWS Console -

  1. Sign in to the Amazon EC2 console.
  2. Under Network & Security, select Network Interfaces.
  3. Filter the list by the noncompliant instance IDs to see the associated ENIs.
  4. Select the secondary ENIs that you want to remove (the primary interface, device index 0, cannot be detached while the instance is running).
  5. From the Actions menu, select Detach.
  6. If you see the prompt 'Are you sure that you want to detach the following network interface?', click Detach. Any private IPs, Elastic IPs or security-group rules bound to that ENI stop applying to the instance once it is detached, so confirm that no workload still depends on that path.

In Terraform -

  1. For the aws_instance resource, declare at most one network_interface block (the primary interface, device_index 0, referencing a single network_interface_id). Remove any additional network_interface blocks, and remove any aws_network_interface_attachment resources that attach further ENIs to the same instance.
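The following is an added Terraform example, not configuration from the original policy page: a noncompliant aws_instance with two network_interface blocks, followed by the compliant single-interface form. The resource names, the AMI ID and the subnet and security-group references are assumptions for illustration.

```hcl
# Added example (not from the original policy page). Resource names, the AMI
# ID and the subnet/security-group references are assumptions.

resource "aws_network_interface" "app" {
  subnet_id       = aws_subnet.private_a.id
  security_groups = [aws_security_group.app.id]
}

resource "aws_network_interface" "mgmt" {
  subnet_id       = aws_subnet.public_a.id   # second subnet: an unintended bridge
  security_groups = [aws_security_group.mgmt.id]
}

# --- Noncompliant: two network_interface blocks make the instance dual-homed ---
resource "aws_instance" "dual_homed" {
  ami           = "ami-0123456789abcdef0"    # placeholder AMI ID
  instance_type = "t3.micro"

  network_interface {
    network_interface_id = aws_network_interface.app.id
    device_index         = 0
  }

  network_interface {                        # flagged by AC_AWS_0397
    network_interface_id = aws_network_interface.mgmt.id
    device_index         = 1
  }
}

# --- Compliant: exactly one network_interface block, the primary (device_index 0) ---
# An ENI can be attached to only one instance, so treat "dual_homed" and
# "single_homed" as alternatives: apply one or the other, not both.
resource "aws_instance" "single_homed" {
  ami           = "ami-0123456789abcdef0"    # placeholder AMI ID
  instance_type = "t3.micro"

  network_interface {
    network_interface_id = aws_network_interface.app.id
    device_index         = 0
  }
}
```

When network_interface blocks are used, the instance's own subnet_id and vpc_security_group_ids arguments must be left unset; the provider rejects the combination. Note also that a static check on aws_instance only sees interfaces declared in the resource: an ENI attached later through an aws_network_interface_attachment resource or from the console will not appear in the plan, so pair this rule with the console or API check described above.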

References:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-networking.html
https://registry.terraform.io/providers/hashicorp/aws/3.76.1/docs/resources/instance#network_interface

Policy Details

Rule Reference ID: AC_AWS_0397
CSP: AWS
Remediation Available: No
Resource: aws_instance
Resource Category: Compute

Frameworks