Ensure Security Group Rule for TCP Port 5601 on EC2 Instance

This rule ensures the Security Group restricts inbound traffic to TCP port 5601 on EC2 instance.

Rule	Ensure Security Group attached to EC2 instance does not allow inbound traffic from all to TCP port 5601 (Kibana)
Framework	CloudDefense.AI Security
Severity	✔ High

Rule/Policy Description:

This rule ensures that the Security Group attached to an EC2 instance does not allow inbound traffic from all sources to TCP port 5601, which is commonly used for Kibana, a visualization and exploration tool for Elasticsearch.

Troubleshooting Steps:

1.
Check the Inbound Rules of the Security Group associated with the EC2 instance.

2.
Verify if there is a rule allowing inbound traffic from all sources to TCP port 5601.

3.
If such a rule exists, it should be removed or modified to restrict access only to trusted sources.

Necessary Code:

No code is required for this rule, as it pertains to the configuration of the Security Group.

Step-by-Step Guide for Remediation:

1.
Log in to the AWS Management Console.

2.
Navigate to the EC2 service.

3.
Click on "Instances" in the sidebar to access the list of EC2 instances.

4.
Identify the instance for which you want to check the Security Group.

5.
Note the Security Group associated with the instance (you can find this information in the "Instance details" section).

6.
Go to the "Security Groups" section in the sidebar.

7.
Search for and select the Security Group associated with the instance.

8.
In the "Inbound rules" tab, look for a rule that allows inbound traffic from all sources to TCP port 5601.

9.
If such a rule exists, select it and click on the "Remove" or "Edit" button to modify it.

10.
To remove the rule, simply click on the "X" symbol next to it.

11.
To modify the rule, edit the source IP or range to restrict access only to trusted sources.

12.
Save the changes to the Security Group configuration.

By following these steps, you can ensure that the Security Group attached to the EC2 instance does not allow inbound traffic from all sources to TCP port 5601 (Kibana) for CloudDefense.

Ensure Security Group Rule for TCP Port 5601 on EC2 Instance

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Rule/Policy Description:

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Troubleshooting Steps:

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Necessary Code:

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Step-by-Step Guide for Remediation:

Is your System Free of Underlying Vulnerabilities? Find Out Now

Rule/Policy Description:

Troubleshooting Steps:

Necessary Code:

Step-by-Step Guide for Remediation:

Is your System Free of Underlying Vulnerabilities?
Find Out Now