AWS Config Rule: EC2 Transit Gateway Auto VPC Attach Disabled

EC2_TRANSIT_GATEWAY_AUTO_VPC_ATTACH_DISABLED

Eduardo Van Cauteren

Last Update 3 months ago

Description: Checks if Amazon Elastic Compute Cloud (Amazon EC2) Transit Gateways have 'AutoAcceptSharedAttachments' enabled. The rule is NON_COMPLIANT for a Transit Gateway if 'AutoAcceptSharedAttachments' is set to 'enable'.

Trigger type: Configuration changes


AWS Region: Only available in the following Regions: Europe (Stockholm), Europe (Paris), US East (Ohio), Africa (Cape Town), Europe (Ireland), Europe (Frankfurt), South America (Sao Paulo), US East (N. Virginia), Asia Pacific (Seoul), Europe (London), Europe (Milan), Asia Pacific (Tokyo), US West (Oregon), US West (N. California), Asia Pacific (Singapore), Asia Pacific (Sydney), Canada (Central)


How to Resolve Manually

This Config Rule checks whether the Auto accept shared attachments setting of an EC2 Transit Gateway is disabled. A Transit Gateway is marked as non-compliant if Auto accept shared attachments is enabled on it.


To resolve this, open the VPC Dashboard in the AWS Console and select Transit gateways from the left menu. Locate the TGW that is out of compliance and click on its name.

Once there, click the Actions button and then Modify transit gateway. Locate the Configure cross-account sharing options card and ensure that Auto accept shared attachments is not checked.

Finally, click the Modify transit gateway button to accept the changes.
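The same check and fix can be done through the EC2 API instead of the console. The following is an added example, not part of the original article or StackZone's own code. It assumes boto3 and AWS credentials for the live run; the sample response and gateway IDs are constructed, and skipping gateways in the deleting or deleted state is a choice made for this example.

```python
"""Find and fix Transit Gateways with AutoAcceptSharedAttachments enabled."""

# Constructed sample shaped like an EC2 DescribeTransitGateways response.
SAMPLE_RESPONSE = {
    "TransitGateways": [
        {"TransitGatewayId": "tgw-0aaaaaaaaaaaaaaa1", "State": "available",
         "Options": {"AutoAcceptSharedAttachments": "enable"}},
        {"TransitGatewayId": "tgw-0bbbbbbbbbbbbbbb2", "State": "available",
         "Options": {"AutoAcceptSharedAttachments": "disable"}},
        {"TransitGatewayId": "tgw-0ccccccccccccccc3", "State": "deleted",
         "Options": {"AutoAcceptSharedAttachments": "enable"}},
    ]
}


def noncompliant_gateways(response):
    """Return IDs of gateways the rule would flag (setting is 'enable')."""
    flagged = []
    for tgw in response.get("TransitGateways", []):
        # Choice made in this example: ignore gateways that are going away.
        if tgw.get("State") in ("deleting", "deleted"):
            continue
        if tgw.get("Options", {}).get("AutoAcceptSharedAttachments") == "enable":
            flagged.append(tgw["TransitGatewayId"])
    return flagged


def remediate(ec2, tgw_ids, apply=False):
    """Disable auto accept on each gateway; with apply=False only report."""
    planned = []
    for tgw_id in tgw_ids:
        if apply:
            ec2.modify_transit_gateway(
                TransitGatewayId=tgw_id,
                Options={"AutoAcceptSharedAttachments": "disable"},
            )
        planned.append(tgw_id)
    return planned


if __name__ == "__main__":
    import boto3  # imported here so the pure functions work without it

    ec2 = boto3.client("ec2")  # region and credentials from the environment
    for page in ec2.get_paginator("describe_transit_gateways").paginate():
        ids = noncompliant_gateways(page)
        print("non-compliant:", ids)
        remediate(ec2, ids, apply=False)  # set apply=True to change settings
```

Run it once per Region in use, since Transit Gateways are regional resources.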

