Instances not running inside a VPC are unsupported
AWS EC2 instances must be provisioned within a Virtual Private Cloud (VPC). A VPC is a cloud based virtualised network that provides the networking context for cloud resources and manages their connectivity and routing. Originally, AWS EC2 was hosted in a non-customer managed network, directly owned and managed by AWS. Consequently, any EC2 instances created many years ago, prior to the introduction of customer-managed VPC networking in 2009, were hosted in an AWS-controlled network.
These instances appear in your AWS console as EC2 instances without a VPC. However, instances without a VPC are no longer supported by AWS, despite the fact that they may still function properly and can still be stopped and restarted. These instances should be considered significantly outdated; even if they have been maintained over the years since AWS transitioned to customer-managed networking, they are not technically supported by AWS and cannot be recreated on a like-for-like basis. Therefore, it is advisable to transition to a new, VPC-managed EC2 instance or other compute service to ensure that your instance can be reproduced without any issues.
To address this issue, determine what resources are currently on the instance and migrate them to a new set of EC2 provisioned instances. You may also consider migrating to other cloud services that provide computing resources, such as AWS Lambda, Amazon ECS, Amazon EKS and others.
The simplest migration option is to move to another EC2 instance, which will provide you with the majority of the same features and minimise complications. This approach does not require significant changes, such as containerization or migration of code to a serverless runtime like AWS Lambda.
You will also need to consider the VPC itself as that will become a design and maintenance consideration for your service in the future. The most direct translation would be to create a publicly accessible EC2 instance, however, this is a critical security and design risk that should instead be replaced with load balanced privately networked EC2 instances with traffic fronted by a Load Balancer.
Ensure your network is free of unsupported EC2 servers and validate your migration process - schedule a same-day scan with architetural consultation:
SkySiege Cloud Security Assessments scan for this issue and provide same-day reports..
Available for individual projects or organisations.
