AWS Config Rule: EC2 Managed Instance Platform Check

Description: Checks whether EC2 managed instances have the desired configurations.

Trigger type: Configuration changes

AWS Region: All supported AWS regions except Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region

This AWS Config rule verifies if EC2 SSM managed instances are launched using specific OS configurations defined within the StackZone console, whether it is Windows, Linux or macOS. If a Systems Manager managed instance is detected with an OS other than the desired one, the rule will be tagged as non-compliant.

To configure the desired platform, login into StackZone console and look for Provisioning in the left-side menu. Click on Baseline Services > AWS Config Rules Regional > Amazon EC2 then go to the EC2 managed instance platform check card. Enable the rule, select your desired platform, save settings and push the configuration to AWS. Use the following screenshot for further reference:

In order to resolve this, ensure that SSM-managed instance are only launched using your defined operating system.

Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here