Ensure that your Amazon EC2 instances are not using multiple Elastic Network Interfaces (ENIs) in order to prevent network security complications, unwanted network paths, and increased management complexity. EC2 instances should have the minimum network connectivity needed for their intended purpose.
This rule can help you work with the AWS Well-Architected Framework.
excellence
optimisation
Amazon EC2 enables the attachment of one or more Elastic Network Interfaces (ENIs) to an EC2 instance. However, the intricacies linked with overseeing multiple ENIs for an EC2 instance tend to surpass the advantages. To sidestep the complexities of network security and the inadvertent establishment of undesired network pathways, it is recommended to refrain from configuring your Amazon EC2 instances with multiple Elastic Network Interfaces (ENIs).
Audit
To determine if your Amazon EC2 instances use multiple ENIs, perform the following operations:
Remediation / Resolution
To ensure that your Amazon EC2 instances are not using multiple Elastic Network Interfaces (ENIs), perform the following operations:
References
- AWS Documentation
- FAQs
- Networking in Amazon EC2
- Elastic network interfaces
- Best practices for configuring network interfaces
- AWS Command Line Interface (CLI) Documentation
- describe-instances
- detach-network-interface
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
EC2 Instances with Multiple Elastic Network Interfaces
Risk Level: High