Ensure that all your EC2 instances are deployed within the AWS EC2-VPC platform instead of the EC2-Classic platform for better flexibility and control over security, traffic routing and availability.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS.
Launching your EC2 instances on the EC2-VPC platform instead of EC2-Classic brings several advantages: better networking infrastructure (network isolation, Elastic Network Interfaces, subnets), much more flexible security controls (network ACLs, security group outbound/egress filtering), access to newer and more powerful instance types (C4, M4, T2, etc.) and the ability to run instances on single-tenant hardware.
To determine the EC2 platform (EC2-Classic or EC2-VPC) used to launch your instances, perform the following:
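
One way to run this check against API output, as an added example that is not part of the original guide: the script classifies each instance in `aws ec2 describe-instances --output json` output by whether it reports a `VpcId`. The function names and all sample IDs are assumptions constructed for illustration.

```python
import json
import sys

# Constructed sample in the shape of `aws ec2 describe-instances --output json`;
# every instance and VPC ID below is made up for illustration.
SAMPLE_RESPONSE = {"Reservations": [
    {"Instances": [
        {"InstanceId": "i-0aaa1111bbbb22223", "State": {"Name": "running"},
         "VpcId": "vpc-0123abcd"},
        {"InstanceId": "i-0ccc3333dddd44445", "State": {"Name": "running"}},
    ]},
    {"Instances": [
        {"InstanceId": "i-0eee5555ffff66667", "State": {"Name": "terminated"}},
        {"InstanceId": "i-0abc7777def088889", "State": {"Name": "stopped"},
         "VpcId": "vpc-0123abcd"},
    ]},
]}


def classify_platform(instance):
    """An instance launched into a VPC reports a VpcId; an EC2-Classic one does not."""
    return "EC2-VPC" if instance.get("VpcId") else "EC2-Classic"


def audit_instances(response, skip_states=("terminated",)):
    """Group instance IDs from one DescribeInstances response by platform."""
    report = {"EC2-VPC": [], "EC2-Classic": []}
    for reservation in response.get("Reservations", []):
        for instance in reservation.get("Instances", []):
            state = instance.get("State", {}).get("Name", "unknown")
            if state in skip_states:
                # Terminated instances need no migration and may no longer
                # report a VpcId, so they would be misread as EC2-Classic.
                continue
            report[classify_platform(instance)].append(
                (instance["InstanceId"], state))
    return report


if __name__ == "__main__":
    # Pipe real CLI output in, or run without redirected stdin to use the sample.
    data = SAMPLE_RESPONSE if sys.stdin.isatty() else json.load(sys.stdin)
    result = audit_instances(data)
    for instance_id, state in result["EC2-Classic"]:
        print("EC2-Classic:", instance_id, state)
    print(len(result["EC2-Classic"]), "instance(s) still to migrate")
```

Stopped instances are kept in the report on purpose, since a stopped EC2-Classic instance still has to be recreated in a VPC before it can be used there.
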
To migrate your EC2-Classic instances to a Virtual Private Cloud, you must recreate those instances in a VPC environment. To recreate the necessary instances, perform the following:
Note: As an example, this guide explains how to migrate a Linux EC2 instance from the EC2-Classic platform to EC2-VPC within the same AWS region.