
Commit

Update aws-config.json
https://aws.amazon.com/blogs/security/get-the-full-benefits-of-imdsv2-and-disable-imdsv1-across-your-aws-infrastructure/
```
"MetadataOptions": {
                        "State": "applied", 
                        "HttpEndpoint": "enabled", 
                        "HttpTokens": "optional", 
                        "HttpPutResponseHopLimit": 1
                    },
```
Tony Ramirez authored Jan 24, 2024
1 parent 091bd5d commit 84afbdf
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions rule-packs/aws-config.json
Expand Up @@ -1110,5 +1110,17 @@
}
],
"alertLevel": "MEDIUM"
},
{
"name": "ec2-imdsv2-optional",
"description": "Checks if an Amazon EC2 Instances have been configured to no require Instance Metadata Service Version 2 (IMDSv2)",
"queries": [
{
"name": "query0",
"query": "find aws_instance with httpTokens = 'optional' and httpEndpointEnabled=true",
"version": "v1"
}
],
"alertLevel": "MEDIUM"
}
]
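
Review bot: the `description` of the new `ec2-imdsv2-optional` rule is ungrammatical and hard to parse ("if an Amazon EC2 Instances have been configured to no require"). Suggest rewording it along the lines of "Checks whether Amazon EC2 instances are configured so that Instance Metadata Service Version 2 (IMDSv2) is not required", since `httpTokens = 'optional'` means the instance still accepts IMDSv1 requests. In `query0` the operator spacing is inconsistent (`httpTokens = 'optional'` next to `httpEndpointEnabled=true`); pick one style to match the rest of the rule pack. The commit message also quotes `HttpPutResponseHopLimit` from `MetadataOptions`, but the query filters only on `httpTokens` and `httpEndpointEnabled`; if the hop limit is intentionally out of scope for this rule, the description should say so.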
