Amazon EC2 best security practice methods to follow
AWS EC2 – Security Group
The Security Group in AWS Ec2 is acting as a firewall. By default security group block all ports. You need to specify the port numbers in the security group to open. It is a good security practice to open ports for a specific network instead of open network (0.0.0.0/0)
By this method you can block unwanted access from unwanted networks.
AWS EC2 – SSH service
In AWS EC2 instances are connected using ssh service. So it is very important to open ssh port number in the security group. By default ssh is using 22 port number. There are many types of ssh attacks are there and one of the common attack is Brute force attack. In order to avoid these types of attacks, restrict the ssh service to certian IP or network using security group. Also follow the methods
1. Change the default ssh port number “22” to some other free port. let’s say “7865” (update the same port number in the security group)
2. Disable password authentication mechanism
4. Enable ssh to certain ip or network.
5. Disable “root” user login
AWS EC2 – IAM users
Don’t share your AWS Console administrator privileges to all unless it is required. Create users and groups in IAM and restrict the EC2 services and opertions based on users and groups by using IAM policies and permissions.
AWS Ec2 – Security Key
Keep the ssh security key safe and dont share it with everyone unless required.
AWS Ec2 – Termination Protection
Enable the termination protection while launching the instance or after launching the instance. You can enable it by simply right click on the instance and select “Change Termination Protection”.
AWS EC2 – Create Alarms
It is recommended to create Alarms for all the ec2 instances. The status checks are the results of automated tests performed by EC2 on every running instance that detect hardware and software issues. You will get alet mail in your mail box if something wrong.
AWS – Cloudwatch
Use cloudwatch metrics monitor the EC2 instance resources.