EC2 Security Best Practices
There are general best practices for securing EC2 instances that are applicable irrespective of operating system or whether instances are running on virtual machines or on on-premise data centers. Let's look at these general best practices:
Least access: Unless required, ensure that your EC2 instance has restricted access to the instance, as well as restricted access to the network. Provide access only to trusted entities, including software and operating system components that are required to be installed on these instances.
Least privilege: Always follow the principle of least privilege required by your instances, as well as users, to perform their functions. Use role-based access for your instances and create roles with limited permissions. Control and monitor user access for your instances.
Configuration management: Use AWS configuration management services to have a baseline for your instance configuration and treat each EC2 instance as a configuration item...