Like any host reachable from the Internet, an EC2 instance can be attacked. The EC2 firewall (security groups) is a powerful tool for keeping unwanted network traffic away from your instance, but a misconfigured rule, such as one that opens an administrative port to the whole Internet, leaves the instance exposed.
The three most important things you can do to mitigate potential risks to your instances are:
- Lock down ports in your security groups so that only the traffic you actually need can reach the instance
- Disable password logins and require administrators to authenticate with SSH keys
- Keep up to date with software patches
Read the full article for details:
https://aws.amazon.com/articles/tips-for-securing-your-ec2-instance/
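The first two tips as a script you can run against your own data: an audit of security-group ingress rules for management ports open to the whole Internet, and a rewrite of sshd_config that turns password logins off and key logins on. This is an added example, not code from the AWS article. The security-group input is a constructed dictionary in the shape returned by `aws ec2 describe-security-groups`, the sshd_config excerpt is constructed, and the set of management ports and the exact sshd directives enforced are this example's choices.

```python
"""Flag security-group rules that expose management ports to anywhere, and
harden sshd_config so that only key-based logins are accepted."""
import re

# Ports the "lock down ports" tip is about (set chosen for this example).
MANAGEMENT_PORTS = {22: "ssh", 3389: "rdp"}
ANYWHERE = {"0.0.0.0/0", "::/0"}

# Directives enforced by harden_sshd_config (values chosen for this example).
HARDENED_SSHD = {
    "PasswordAuthentication": "no",
    "ChallengeResponseAuthentication": "no",
    "PubkeyAuthentication": "yes",
    "PermitRootLogin": "prohibit-password",
}


def _rule_ports(perm):
    """Port range covered by one IpPermissions entry; protocol -1 means all ports."""
    proto = perm.get("IpProtocol")
    if proto == "-1":
        return range(0, 65536)
    if proto not in ("tcp", "udp"):
        return range(0)  # e.g. icmp: no ports to check
    return range(perm["FromPort"], perm["ToPort"] + 1)


def open_management_ports(security_group):
    """Return sorted (port, cidr) pairs where a management port is open to anywhere."""
    findings = set()
    for perm in security_group.get("IpPermissions", []):
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        ports = _rule_ports(perm)
        for cidr in cidrs:
            if cidr not in ANYWHERE:
                continue
            for port in MANAGEMENT_PORTS:
                if port in ports:
                    findings.add((port, cidr))
    return sorted(findings)


def harden_sshd_config(text):
    """Return sshd_config text with every HARDENED_SSHD directive set exactly once.

    sshd honours the first occurrence of a directive, so commented-out and duplicate
    copies are dropped rather than left behind. Directives inside Match blocks are
    intentional per-user/host overrides and are left untouched; the global values
    are inserted before the first Match block, where sshd requires them.
    """
    out, seen, in_match = [], set(), False
    for line in text.splitlines():
        if re.match(r"^\s*Match\b", line):
            if not in_match:
                out.extend(f"{k} {v}" for k, v in HARDENED_SSHD.items() if k not in seen)
                seen.update(HARDENED_SSHD)
                in_match = True
            out.append(line)
            continue
        m = re.match(r"^\s*#?\s*(\w+)\s+(\S.*)$", line)
        key = m.group(1) if m else None
        if not in_match and key in HARDENED_SSHD:
            if key not in seen:
                out.append(f"{key} {HARDENED_SSHD[key]}")
                seen.add(key)
            continue
        out.append(line)
    out.extend(f"{k} {v}" for k, v in HARDENED_SSHD.items() if k not in seen)
    return "\n".join(out) + "\n"


# Constructed sample: same shape as one element of the SecurityGroups list that
# `aws ec2 describe-security-groups` returns. Port 22 is open to the world,
# 443 is open to the world (fine for a web server), RDP is limited to one /24.
SAMPLE_SG = {
    "GroupId": "sg-0123456789abcdef0",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
    ],
}

# Constructed sshd_config excerpt with the usual distro defaults.
SAMPLE_SSHD = """# constructed sshd_config excerpt
Port 22
#PubkeyAuthentication yes
PasswordAuthentication yes
ChallengeResponseAuthentication yes
Match User deploy
    PasswordAuthentication no
"""

if __name__ == "__main__":
    for port, cidr in open_management_ports(SAMPLE_SG):
        print(f"{SAMPLE_SG['GroupId']}: {MANAGEMENT_PORTS[port]} ({port}) open to {cidr}")
    print(harden_sshd_config(SAMPLE_SSHD))
```

To use this on a real instance, feed `open_management_ports` each element of the `SecurityGroups` list from the CLI output and write the result of `harden_sshd_config` back only after `sshd -t` validates it and while you still hold an open session, so a typo cannot lock you out.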
In addition to the tips above, we also recommend the following best practices:
- Audit any custom or proprietary applications you run on your EC2 instance.
- Review the configuration of the packages you install and harden it against attack.
- Provide access only to those users who have a business need to be on your systems.
- Give them the minimum access and privileges they need to perform their specific tasks.
- Provide temporary escalated privileges such as sudo for users who need to perform occasional privileged tasks.
- Have a procedure to revoke access when it is no longer needed.
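The four user-management bullets above, turned into a repeatable access review: interactive accounts without a recorded business need or with an expired approval are flagged for revocation, and sudoers entries that grant every command are flagged so they can be scoped down to the specific privileged tasks the user actually performs. This is an added example, not code from the AWS article. The passwd and sudoers lines are constructed samples, and the `roster` mapping of login to approval-expiry date is an assumed record that you would maintain yourself (a ticketing system or IAM export would be the real source).

```python
"""Review local accounts and sudo grants on an instance against a business-need roster."""
import re
from datetime import date

NOLOGIN_SHELLS = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false"}


def parse_passwd(text):
    """Login names of interactive accounts (uid >= 1000 with a real shell)."""
    users = []
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        name, _, uid, _gid, _gecos, _home, shell = line.split(":")
        if int(uid) >= 1000 and shell not in NOLOGIN_SHELLS:
            users.append(name)
    return users


def parse_sudoers(text):
    """Map each user or %group to the list of command specs it is granted."""
    grants = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        if not line or line.startswith("Defaults"):
            continue
        m = re.match(r"^(\S+)\s+([^=\s]+)\s*=\s*(.*)$", line)  # who  host=spec
        if m:
            grants.setdefault(m.group(1), []).append(m.group(3))
    return grants


def is_unrestricted(spec):
    """True if a command spec grants every command, e.g. '(ALL:ALL) ALL'."""
    cmd = re.sub(r"^\([^)]*\)\s*", "", spec)  # strip the (runas) part
    cmd = re.sub(r"^(?:\w+:\s*)+", "", cmd)   # strip tags such as NOPASSWD:
    return cmd.strip() == "ALL"


def review_access(passwd_text, sudoers_text, roster, today):
    """Return (principal, finding) pairs describing access to revoke or restrict.

    roster maps login -> date until which that user's business need is approved.
    """
    findings = []
    grants = parse_sudoers(sudoers_text)
    for user in parse_passwd(passwd_text):
        expiry = roster.get(user)
        if expiry is None:
            findings.append((user, "no recorded business need: revoke"))
        elif expiry < today:
            findings.append((user, f"approval expired {expiry.isoformat()}: revoke"))
        if any(is_unrestricted(s) for s in grants.get(user, [])):
            findings.append((user, "unrestricted sudo: scope to specific commands"))
    for principal, specs in grants.items():
        if principal.startswith("%") and any(is_unrestricted(s) for s in specs):
            findings.append((principal, "group-wide unrestricted sudo: review members"))
    return findings


# Constructed /etc/passwd lines: two service accounts, three people, one of
# whom (carol) has left but still has a shell.
SAMPLE_PASSWD = """root:x:0:0:root:/root:/bin/bash
sshd:x:74:74::/var/empty/sshd:/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
carol:x:1002:1002:Carol (left):/home/carol:/bin/bash
svc-backup:x:1003:1003::/var/lib/backup:/sbin/nologin
"""

# Constructed sudoers: alice and the wheel group get everything, bob is scoped
# to the one privileged task he actually performs.
SAMPLE_SUDOERS = """Defaults env_reset
# alice is the instance owner
alice ALL=(ALL:ALL) ALL
# bob only restarts the app
bob ALL=(root) NOPASSWD: /usr/bin/systemctl restart app.service
%wheel ALL=(ALL) ALL
"""

# Assumed approval records: bob's approval lapsed, carol has none at all.
SAMPLE_ROSTER = {"alice": date(2030, 1, 1), "bob": date(2020, 1, 1)}

if __name__ == "__main__":
    for who, what in review_access(SAMPLE_PASSWD, SAMPLE_SUDOERS, SAMPLE_ROSTER, date(2024, 6, 1)):
        print(f"{who}: {what}")
```

Running this on a schedule (and on every offboarding) is the "procedure to revoke access" the last bullet asks for; the sudo findings are the ones to act on by replacing `ALL` with the specific command list, as bob's entry already does.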