

Security group attached to Network Interface should not allow inbound traffic from all ports


Security groups provide stateful filtering of ingress and egress network traffic to AWS resources. To prevent unauthorized access, best practices recommend that no security group allows unrestricted ingress access to your network interfaces.


  1. Log in to the AWS Management Console.
  2. Click Services.
  3. Select Compute > EC2.
  4. In the left navigation panel, under the Network & Security section, choose Security Groups.
  5. Select the Security Group that has the violation reported by Lacework.
  6. In the Inbound tab, edit the inbound rules and restrict access to only the required IPs and ports.
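
To confirm the fix or to review many groups at once, the same condition can be checked offline against exported rule data. The script below is an added example, not Lacework's own check. It assumes "all ports" means protocol `-1` or a TCP/UDP range of 0-65535; the function names and sample data are constructed for illustration.

```python
# Added example (not Lacework's code). Input mirrors the JSON from
# `aws ec2 describe-security-groups` / `describe-network-interfaces`.

def opens_all_ports(perm):
    """Assumed criterion: rule covers every port."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # all protocols, which implies all ports
        return True
    if proto in ("tcp", "udp"):
        return (perm.get("FromPort"), perm.get("ToPort")) == (0, 65535)
    return False  # icmp etc. carry types/codes, not ports

def sources(perm):
    """Sources a rule admits: CIDRs and referenced groups (prefix lists omitted)."""
    out = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    out += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    out += [p["GroupId"] for p in perm.get("UserIdGroupPairs", [])]
    return out

def find_violations(security_groups, network_interfaces):
    """Return (group, protocol, source) for all-port ingress on attached groups."""
    attached = {g["GroupId"] for eni in network_interfaces
                for g in eni.get("Groups", [])}
    findings = []
    for sg in security_groups:
        if sg["GroupId"] not in attached:
            continue  # policy scope: groups attached to a network interface
        for perm in sg.get("IpPermissions", []):
            if opens_all_ports(perm):
                findings += [(sg["GroupId"], perm["IpProtocol"], s)
                             for s in sources(perm)]
    return findings

# Constructed sample data (IDs and CIDRs are made up).
SAMPLE_SGS = [
    {"GroupId": "sg-0aaa1111", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0bbb2222", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]},
    {"GroupId": "sg-0ccc3333", "IpPermissions": [  # not attached to any ENI
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]
SAMPLE_ENIS = [{"NetworkInterfaceId": "eni-0example",
                "Groups": [{"GroupId": "sg-0aaa1111"}, {"GroupId": "sg-0bbb2222"}]}]

if __name__ == "__main__":
    for finding in find_violations(SAMPLE_SGS, SAMPLE_ENIS):
        print(finding)
```

An empty result for a group after step 6 indicates its inbound rules no longer cover every port.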