Ensure that Lightsail instances are not publicly accessible
lightsail_instance_public
Ensure that Lightsail instances are not publicly accessible
Risk
If an instance is publicly accessible, it can be accessed by anyone on the internet. This can lead to unauthorized access to the instance and its data.
Run this check with Prowler CLI
prowler aws --checks lightsail_instance_public
ARN template
arn:partition:lightsail:region:account:Instance/instance-id
Remediation
WUIReferences:
We recommend that you disable public access to the instance and use a VPN or a bastion host to access the instance securely.
Source Code
Resource Type
Other