Merge pull request #93 from JupiterOne/IMDSv2MetaData

KNO-371 - Update aws-config.json
JupiterOne · Jan 30, 2024 · 2d3d590 · 2d3d590
2 parents af5cc95 + 7c771ff
commit 2d3d590
Showing 1 changed file with 12 additions and 0 deletions.
diff --git a/rule-packs/aws-config.json b/rule-packs/aws-config.json
@@ -1110,5 +1110,17 @@
       }
     ],
     "alertLevel": "MEDIUM"
+  },
+  {
+    "name": "ec2-imdsv2-optional",
+    "description": "Checks if an Amazon EC2 Instance have been configured to not require Instance Metadata Service Version 2 (IMDSv2)",
+    "queries": [
+      {
+        "name": "query0",
+        "query": "find aws_instance with httpTokens = 'optional' and httpEndpointEnabled=true",
+        "version": "v1"
+      }
+    ],
+    "alertLevel": "MEDIUM"
   }
 ]