Ensure that all Amazon EC2 dedicated instances provisioned within your AWS account are regularly reviewed for cost optimization. Dedicated instances are EC2 compute resources which run on single-tenant hardware (i.e. physically isolated at the host level).
This rule can help you with the following compliance standards:
- NIST4
For further details on compliance standards supported by Conformity, see here.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
Because dedicated instances are physically isolated at the host hardware level from instances provisioned in other AWS accounts, they are more expensive than instances running in the shared (default) environment. For example, if you provision a shared c4.xlarge EC2 instance in the US-East (N. Virginia) region instead of a dedicated c4.xlarge instance, you can save roughly $15 per month (as of March 2017).
Audit
To identify the running AWS EC2 dedicated instances available in your AWS account for review purposes, perform the following:
Remediation / Resolution
Case A: Migrate your running EC2 dedicated instances to the default (shared) tenancy to reduce your monthly AWS EC2 usage costs. To re-launch your instances using the default tenancy, perform the following:
Case B: Maintain the current tenancy configuration for your EC2 dedicated instances. In this case your EC2 instances are dedicated intentionally, by design (e.g. they must comply with your organization's regulatory security requirements).
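As an added example (not part of the original page or of the Conformity tool), the review can be scripted by sorting the JSON returned by `aws ec2 describe-instances --output json` into the two cases above: running dedicated instances with no recorded reason are Case A candidates, and those with one are Case B. The tag key `TenancyJustification` and the sample records are assumptions constructed for illustration.

```python
# Added example: triage `aws ec2 describe-instances --output json` results.
JUSTIFICATION_TAG = "TenancyJustification"  # hypothetical tag key (assumption)


def _inst(iid, itype, state, tenancy, tags=None):
    """Build one constructed record in the describe-instances output shape."""
    return {
        "InstanceId": iid,
        "InstanceType": itype,
        "State": {"Name": state},
        "Placement": {"Tenancy": tenancy, "AvailabilityZone": "us-east-1a"},
        "Tags": [{"Key": k, "Value": v} for k, v in (tags or {}).items()],
    }


# Constructed sample data, not taken from a real account.
SAMPLE = {"Reservations": [
    {"Instances": [_inst("i-0000000000000000a", "c4.xlarge", "running", "dedicated")]},
    {"Instances": [
        _inst("i-0000000000000000b", "c4.xlarge", "running", "dedicated",
              {JUSTIFICATION_TAG: "regulatory isolation requirement"}),
        _inst("i-0000000000000000c", "m4.large", "running", "default"),
    ]},
    {"Instances": [
        _inst("i-0000000000000000d", "c4.xlarge", "stopped", "dedicated"),
        _inst("i-0000000000000000e", "m4.large", "running", "host"),
        _inst("i-0000000000000000f", "m4.large", "running", "dedicated",
              {JUSTIFICATION_TAG: "  "}),
    ]},
]}


def review_dedicated(describe_output):
    """Split running dedicated-tenancy instances into Case A and Case B."""
    result = {"case_a_migrate": [], "case_b_intentional": []}
    for reservation in describe_output.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            if inst.get("State", {}).get("Name") != "running":
                continue  # the audit covers running instances only
            # Tenancy is "default", "dedicated" or "host"; Dedicated Hosts
            # ("host") are a separate resource type and are skipped here.
            if inst.get("Placement", {}).get("Tenancy") != "dedicated":
                continue
            tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
            reason = tags.get(JUSTIFICATION_TAG, "").strip()
            bucket = "case_b_intentional" if reason else "case_a_migrate"
            result[bucket].append((inst["InstanceId"], inst["InstanceType"], reason))
    return result


if __name__ == "__main__":
    for case, rows in review_dedicated(SAMPLE).items():
        print(case, rows)
```

A blank or whitespace-only tag value is treated as no justification, so the instance stays in the Case A list until someone records a reason.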

You are auditing:
EC2 Instance Dedicated Tenancy
Risk level: Medium