Amazon_EC2_67

Ensure that Security Groups are not open to all

Description

Security Groups should not be open to the internet. If you expand or modify your cloud presence, for instance by adding services or regions, you can modify the security policies consistently for all regions from one console.

Remediation

Configure your Security Groups to allow access only from internal networks and with a limited access scope.
If a public interface exists, remove it and limit the access scope within the network to only the applications or instances that require access.
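
One way to check for this condition, as an added example that is not part of the original rule text: the Python below scans output in the shape of `aws ec2 describe-security-groups --output json` and reports inbound rules whose source is 0.0.0.0/0 or ::/0. Treating those two CIDRs as "open to all" is an assumption, and the sample groups are constructed.

```python
import json

# Sources that mean "anyone on the internet" (assumed interpretation of "open to all").
WORLD_CIDRS = {"0.0.0.0/0", "::/0"}

# Constructed sample in the shape returned by `aws ec2 describe-security-groups`.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0aaa0000000000001", "GroupName": "web-public",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
     {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
      "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
  {"GroupId": "sg-0aaa0000000000002", "GroupName": "db-internal",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
      "IpRanges": [{"CidrIp": "10.0.1.0/24"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-0aaa0000000000003", "GroupName": "legacy-any",
   "IpPermissions": [
     {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]}
]}
""")


def port_label(perm):
    """Render the port range; protocol -1 means all protocols and ports."""
    if perm.get("IpProtocol") == "-1":
        return "all traffic"
    lo, hi = perm.get("FromPort"), perm.get("ToPort")
    ports = str(lo) if lo == hi else f"{lo}-{hi}"
    return f"{perm['IpProtocol']}/{ports}"


def open_ingress(doc):
    """Return (group_id, group_name, ports, cidr) for each world-open inbound rule."""
    findings = []
    for sg in doc.get("SecurityGroups", []):
        for perm in sg.get("IpPermissions", []):
            cidrs = [r.get("CidrIp") for r in perm.get("IpRanges", [])]
            cidrs += [r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                if cidr in WORLD_CIDRS:
                    findings.append((sg["GroupId"], sg.get("GroupName", ""), port_label(perm), cidr))
    return findings


if __name__ == "__main__":
    for finding in open_ingress(SAMPLE):
        print(*finding, sep="\t")
```

Each reported rule is a candidate for the remediation above: replace the world-open source with the internal network range or the specific instances that need access.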

Service

EC2

Severity

High

Compliance

Mapping
