AWS security notification: EC2 instances vulnerable to log4j vulnerability

0

Based on the AWS security notification some of the EC2 instances were vulnerable to log4j vulnerability. We updated the EC2 instance to use IMDSv2 and disabled IMDSv1 using the below command:

aws ec2 modify-instance-metadata-options --instance-id <<instance_id>> -http-tokens required --http-endpoint enabled Will this be sufficient or should we take into consideration any other measures?

Dolis
feita há 2 anos586 visualizações