Amazon_EC2_11

Ensure no security group allows unrestricted egress access

Description

Security groups provide stateful filtering of ingress and egress network traffic to AWS resources. It is recommended that no security group allow unrestricted egress access.

Remediation

To restrict outbound traffic for your security group:

1. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

2. In the navigation pane, choose Security Groups.

3. Select the security group to update, and choose Outbound Rules to update a rule for outbound traffic.

4. Choose Edit.

5. Modify the rule to reduce the outbound rules to just the necessary scope, protocol, and ports.

6. Choose Save.

References:

https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html

Service

EC2

Severity

Medium

Compliance

Mapping
