lacework-global-148

Security group inbound traffic should not allow inbound traffic from all

Description

Security groups provide stateful filtering of ingress/egress network traffic to AWS resources. To prevent unauthorized access, best practices recommend that no security group allows unrestricted ingress access.

Remediation

  1. Log in to the AWS Management Console.

  2. Select Services.

  3. Select EC2.

  4. From the left panel, select Security Groups.

  5. Select the security group to edit.

  6. Select Edit inbound rules.

  7. For each rule, restrict access to only the appropriate port or port range and IP address range.

  8. Select Save rules.