AWS EC2 Subnet

Best practices and references below are based on published guidance from the cloud service provider and may reference native capabilities the cloud service provider offers. If you are not using the native security capabilities, the same security requirement can be met using other security capabilities your organization utilizes.

Subnet Isolation

Design Guidance:

AWS::EC2::Subnet

Assign Ipv6address On Creation
Terraform
Cidr Block
Terraform
Ipv6cidr Block
Terraform
Map Public Ip On Launch
Terraform
VPC Id
Terraform

AWS::EC2::SubnetCidrBlock

Ipv6cidr Block
Terraform
Subnet Id
Terraform

Design for High Availability

Design Guidance:

AWS::EC2::Subnet

Availability Zone
Terraform

Asset Inventory

Design Guidance:

AWS::EC2::Subnet

Tags
Terraform

Payload Inspection

Design Guidance:

AWS::EC2::SubnetNetworkAclAssociation

Network Acl Id
Terraform
Subnet Id
Terraform

Information Flow Routing

AWS::EC2::SubnetRouteTableAssociation

Route Table Id
Terraform
Subnet Id
Terraform