💼 [EC2.4] Stopped EC2 instances should be removed after a specified time period

ID: /frameworks/aws-fsbp-v1.0.0/ec2/04

Description

When an EC2 instance has not run for a significant period of time, it creates a security risk because the instance is not being actively maintained (analyzed, patched, updated). If it is later launched, the lack of proper maintenance could result in unexpected issues in your AWS environment. To safely maintain an EC2 instance over time in an inactive state, start it periodically for maintenance and then stop it after maintenance. Ideally, this should be an automated process.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/ec2-controls.html#ec2-4
Internal
- ID: dec-c-333cf464

Similar Sections (Give Policies To)

Section	Sub Sections	Policies	Compliance
💼 NIST SP 800-53 Revision 5 → 💼 CA-9(1) Internal System Connections _ Compliance Checks		25	no data
💼 NIST SP 800-53 Revision 5 → 💼 CM-2 Baseline Configuration	7	29	no data
💼 NIST SP 800-53 Revision 5 → 💼 CM-2(2) Baseline Configuration _ Automation Support for Accuracy and Currency		16	no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Description

Similar

Similar Sections (Give Policies To)

Sub Sections