Ensure that none of the Amazon EC2 instances provisioned in your AWS account have their instance type blacklisted by your organization. Prior to running this rule by the Cloud Conformity engine, the list with the blacklisted EC2 instance types must be configured within the rule settings, on the Cloud Conformity account dashboard.
Setting limits for the instance types used within your organization can help you address internal security compliance and prevent unexpected charges on your AWS bill. Furthermore, blacklisting a small set of EC2 instance types, usually extremely large instance types such as r4.16xlarge or c5d.18xlarge, is much more efficient than having to explicitly permit a large number of allowed types.
To determine if there are any EC2 instances with the instance type blacklisted, available in your AWS account, perform the following actions:
To ensure that no EC2 instances are launched within your AWS account using blacklisted instance types, perform the following actions:Note: Creating a support case to request the instance type restrictions using the AWS cloud API via Command Line Interface (CLI) is not currently supported.