More Info:

This rule checks whether instances managed by Amazon EC2 Systems Manager are configured to collect blacklisted inventory types.

Risk Level

Low

Address

Configuration

Compliance Standards

CBP

Triage and Remediation

Remediation

To stop EC2 Systems Manager from collecting blacklisted inventory types, follow these steps in the AWS Management Console:

  1. Access AWS Systems Manager Console:

    • Log in to your AWS account and navigate to the AWS Management Console.
    • Go to the Systems Manager service by searching for it in the search bar.
  2. Navigate to Inventory Explorer:

    • In the Systems Manager console, navigate to the ‘Explorer’ section from the left-hand menu.
  3. Identify Blacklisted Inventory:

    • In the Inventory Explorer, you will be able to see a list of all the managed instances and the collected inventory details.
    • Identify the blacklisted inventory items that are being collected by EC2 Systems Manager.
  4. Update Inventory Collection Configuration:

    • Click on ‘Inventory Setup’ in the Systems Manager console.
    • Review the inventory collection configuration settings to identify the blacklisted items.
    • Click on ‘Edit Inventory Schema’ to modify the inventory collection configuration.
  5. Remove Blacklisted Items:

    • In the inventory schema, locate the blacklisted inventory items that are being collected.
    • Remove the blacklisted items from the inventory schema by deselecting them or deleting them from the configuration.
  6. Save Changes:

    • Once you have removed the blacklisted items from the inventory collection configuration, click on ‘Save’ to apply the changes.
  7. Verify Configuration:

    • Go back to the Inventory Explorer and verify that the blacklisted inventory items are no longer being collected.
  8. Monitor for Compliance:

    • Regularly monitor the inventory collection configuration to ensure that blacklisted items are not being collected in the future.

Following these steps remediates the misconfiguration in which EC2 Systems Manager collects blacklisted inventory in AWS.
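The check behind steps 3 to 7, as an added example (not part of the original page and not AWS's own code): it takes the parameters of an inventory association that runs the `AWS-GatherSoftwareInventory` document, reports which blacklisted types it collects, and builds the corrected parameter set. The parameter-to-type mapping, the comma-separated blacklist format and the sample association are assumptions to verify against your own account.

```python
# Added example. Assumed mapping: document parameter -> inventory type collected.
TOGGLES = {  # collected when the value is "Enabled"
    "applications": "AWS:Application",
    "awsComponents": "AWS:AWSComponent",
    "networkConfig": "AWS:Network",
    "windowsUpdates": "AWS:WindowsUpdate",
    "instanceDetailedInformation": "AWS:InstanceDetailedInformation",
    "services": "AWS:Service",
    "windowsRoles": "AWS:WindowsRole",
    "billingInfo": "AWS:BillingInfo",
}
FILTERS = {  # collected when the filter expression is non-empty
    "files": "AWS:File",
    "windowsRegistry": "AWS:WindowsRegistry",
}

def collected_types(params):
    """Return the set of inventory types an association explicitly collects."""
    found = set()
    for key, values in params.items():
        value = (values or [""])[0].strip()
        if key in TOGGLES and value.lower() == "enabled":
            found.add(TOGGLES[key])
        elif key in FILTERS and value:
            found.add(FILTERS[key])
    return found

def remediate(params, blacklist):
    """Return (violations, new_params) with blacklisted types switched off."""
    banned = {b.strip() for b in blacklist.split(",") if b.strip()}
    violations = sorted(collected_types(params) & banned)
    fixed = {k: list(v) for k, v in params.items()}  # leave the input untouched
    for key, type_name in {**TOGGLES, **FILTERS}.items():
        if type_name in violations and key in fixed:
            fixed[key] = ["Disabled"] if key in TOGGLES else [""]
    return violations, fixed

# Constructed sample, shaped like the "Parameters" field returned by
# describe_association(...)["AssociationDescription"] in boto3.
SAMPLE = {
    "applications": ["Enabled"],
    "networkConfig": ["Enabled"],
    "services": ["Disabled"],
    "files": ['[{"Path":"/etc","Pattern":["*.conf"],"Recursive":false}]'],
}

if __name__ == "__main__":
    bad, new_params = remediate(SAMPLE, "AWS:Network, AWS:File")
    print("violations:", bad)
```

Parameters that are absent from the association fall back to the document's defaults, so review those separately before treating an association as clean.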