Amazon_EC2_65
A security group should always have protected assets attached to it. Removing unused security groups that are open to all is the expected outcome of a firewall and router rule-set review.
From Portal:
Use the following steps to delete the unused security groups.
1. Note down the unused Security Groups detected by the CloudGuard Report.
2. Go to EC2 console and navigate to security groups.
3. Select the unused security groups identified in step 1 and click on ‘Actions’.
4. Click on ‘Delete security groups’.
Use the following steps to delete the identified inbound rules where the source is set to 0.0.0.0/0 and the port is 0.
1. Login to the AWS Management Console at https://console.aws.amazon.com/vpc/home
2. In the left pane, click Security Groups
3. For each security group, perform the following:
4. Select the security group to update, choose Actions, and then choose Edit inbound rules to remove an inbound rule or Edit outbound rules to remove an outbound rule.
5. Choose the Delete button to the right of the rule to delete.
6. Choose Preview changes, then Confirm.
From Command Line:
Identify the security group open to all and run the following command to delete an EC2 security group created within EC2-Classic.
aws ec2 delete-security-group --region region_name --group-name security_group_name
Identify the security group open to all and run the following command to delete an EC2 security group created within EC2-VPC.
aws ec2 delete-security-group --region region_name --group-id security_group_id
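The steps above assume you already know which security groups are both unused and open to all. The following added example (not part of this page, the CloudGuard report, or the AWS CLI itself) shows how to derive that list from the JSON that `aws ec2 describe-security-groups` and `aws ec2 describe-network-interfaces` print, and how to turn it into the delete commands shown above. It only plans deletions; nothing is executed. The sample security-group and network-interface records below are constructed for illustration, and the group IDs, names and region are placeholders. It also goes slightly beyond the page by separating groups that can be deleted from groups that are unused and open but still referenced by another group's rule, because `delete-security-group` refuses those with a DependencyViolation error until the referencing rule is removed.

```python
"""Plan deletion of EC2 security groups that are unused and open to all.

Input is the JSON printed by:
  aws ec2 describe-security-groups   --region <region> > sgs.json
  aws ec2 describe-network-interfaces --region <region> > enis.json
Sample data below is constructed; IDs and names are placeholders.
"""
import json
import sys

OPEN_CIDRS = {"0.0.0.0/0", "::/0"}


def open_rules(group: dict) -> list:
    """Inbound rules of `group` whose source includes every IPv4 or IPv6 address."""
    found = []
    for perm in group.get("IpPermissions", []):
        cidrs = [r.get("CidrIp") for r in perm.get("IpRanges", [])]
        cidrs += [r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])]
        if any(c in OPEN_CIDRS for c in cidrs):
            found.append(perm)
    return found


def all_ports(perm: dict) -> bool:
    """True when a rule covers every port: protocol -1 ('All') or range 0-65535."""
    if perm.get("IpProtocol") == "-1":
        return True
    return perm.get("FromPort") == 0 and perm.get("ToPort") == 65535


def groups_in_use(network_interfaces: list) -> set:
    """Group IDs attached to at least one ENI (instances, load balancers, RDS, Lambda...)."""
    return {g["GroupId"] for eni in network_interfaces for g in eni.get("Groups", [])}


def groups_referenced(security_groups: list) -> set:
    """Group IDs used as the source/destination of another group's rule."""
    refs = set()
    for sg in security_groups:
        perms = sg.get("IpPermissions", []) + sg.get("IpPermissionsEgress", [])
        for perm in perms:
            for pair in perm.get("UserIdGroupPairs", []):
                if pair.get("GroupId") != sg["GroupId"]:
                    refs.add(pair["GroupId"])
    return refs


def deletion_candidates(security_groups: list, network_interfaces: list):
    """Return (deletable, blocked): unused groups with a rule open to all.

    `blocked` holds groups that are unused and open but referenced by another
    group's rule; AWS rejects deleting those (DependencyViolation) until the
    referencing rule is removed. The VPC default group is skipped because it
    cannot be deleted at all; its open rules have to be edited instead.
    """
    in_use = groups_in_use(network_interfaces)
    referenced = groups_referenced(security_groups)
    deletable, blocked = [], []
    for sg in security_groups:
        gid = sg["GroupId"]
        if sg.get("GroupName") == "default" or gid in in_use:
            continue
        if not any(all_ports(p) for p in open_rules(sg)):
            continue
        (blocked if gid in referenced else deletable).append(gid)
    return deletable, blocked


def delete_commands(group_ids: list, region: str) -> list:
    """Render the CLI commands from the page for each deletable group (dry run)."""
    return [f"aws ec2 delete-security-group --region {region} --group-id {gid}"
            for gid in group_ids]


# Constructed sample data shaped like the two describe-* responses.
SECURITY_GROUPS = [
    {"GroupId": "sg-0aaa", "GroupName": "web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [], "UserIdGroupPairs": []},
        {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080, "IpRanges": [],
         "Ipv6Ranges": [], "UserIdGroupPairs": [{"GroupId": "sg-0eee", "UserId": "123456789012"}]}]},
    {"GroupId": "sg-0bbb", "GroupName": "stale-all-open", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [],
         "UserIdGroupPairs": []}]},
    {"GroupId": "sg-0ccc", "GroupName": "office-only", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": [], "UserIdGroupPairs": []}]},
    {"GroupId": "sg-0ddd", "GroupName": "default", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [],
         "UserIdGroupPairs": []}]},
    {"GroupId": "sg-0eee", "GroupName": "app-referenced", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [], "UserIdGroupPairs": []}]},
]
NETWORK_INTERFACES = [
    {"NetworkInterfaceId": "eni-0111", "Groups": [{"GroupId": "sg-0aaa", "GroupName": "web"}]},
]

if __name__ == "__main__":
    if len(sys.argv) == 4:  # usage: script.py sgs.json enis.json region
        sgs = json.load(open(sys.argv[1]))["SecurityGroups"]
        enis = json.load(open(sys.argv[2]))["NetworkInterfaces"]
        region = sys.argv[3]
    else:
        sgs, enis, region = SECURITY_GROUPS, NETWORK_INTERFACES, "region_name"
    deletable, blocked = deletion_candidates(sgs, enis)
    print("\n".join(delete_commands(deletable, region)))
    for gid in blocked:
        print(f"# {gid}: unused and open, but referenced by another group; remove that rule first")
```

Run it with the two saved JSON files and a region to get a list of delete commands you can review before executing; with no arguments it runs against the constructed sample, where only sg-0bbb is printed for deletion and sg-0eee is reported as blocked by the reference from sg-0aaa. Attachment is checked through network interfaces rather than instances only, because load balancers, RDS and Lambda also hold groups through ENIs and would otherwise look unused.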
References:
1. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/working-with-security-groups.html#deleting-security-group-rule
2. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/working-with-security-groups.html#deleting-security-group
3. https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/delete-security-group.html