Ensure detailed monitoring is enabled for AWS EC2 instances

LOW

Description

AWS EC2 instances without a detailed monitoring could have an impact on incident response.

Remediation

In AWS Console -

Sign in to AWS Console and go to the Amazon EC2 console.
In the navigation pane, select Instances.
Select the instance and select Actions, Monitoring, Manage detailed monitoring.
On the Detailed monitoring detail page, for Detailed monitoring, select the Enable check box.
Select Save

In Terraform -

For the aws_instance resource, set the monitoring field to true.

References:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring_automated_manual.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/instance#monitoring

Policy Details

Rule Reference ID: AC_AWS_0459

CSP: AWS

Remediation Available: Yes

Domain: Compliance Validation

Resource: aws_instance

Resource Category: Compute

Resource Type: Elastic Cloud Compute (EC2)

Frameworks

GDPR
HIPAA
NIST-800-53
NIST-CSF