Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Ensure Security Group Attached to Application Load Balancer Instance Rule

This rule ensures the security group does not allow inbound traffic from all to TCP 27017 (MongoDB).

RuleEnsure Security Group attached to application load balancer instance does not allow inbound traffic from all to TCP 27017 (MongoDB)
FrameworkCloudDefense.AI Security
Severity
High

Rule Description:

The rule aims to enhance the security of the application load balancer by disallowing inbound traffic from all sources to TCP port 27017, which is commonly used by MongoDB. By implementing this rule, you prevent potential unauthorized access to the MongoDB service and ensure that the server is well protected.

Troubleshooting Steps (if applicable):

  1. 1.
    Check the inbound rules of the security group associated with the application load balancer.
  2. 2.
    Verify if there is an existing rule allowing inbound traffic from all to TCP port 27017.
  3. 3.
    Confirm if the security group is properly attached to the application load balancer.

Necessary Code (if applicable):

There is no specific code required for this rule. However, you may need to access the command-line interface (CLI) of your cloud provider to make the necessary changes to the security group's inbound rules.

Step-by-Step Guide for Remediation:

Please follow the steps below to remediate the rule violation:

  1. 1.
    Log in to the management console of your cloud provider.
  2. 2.
    Navigate to the application load balancer configuration page.
  3. 3.
    Identify the security group associated with the application load balancer.
  4. 4.
    Access the security group settings or configuration.
  5. 5.
    Look for the inbound rules section of the security group.
  6. 6.
    Locate the existing rule allowing inbound traffic from all to TCP port 27017.
  7. 7.
    Select the rule and find an option to remove or edit it.
  8. 8.
    Either remove the existing rule or modify it to restrict inbound traffic to a specific source (e.g., specific IP addresses, CIDR ranges) or the necessary IP ranges related to your application.
  9. 9.
    Save the changes made to the security group.
  10. 10.
    Verify that the security group settings have been updated successfully.
  11. 11.
    Recheck the application load balancer's functionality to ensure that legitimate traffic is not affected by the new security rule.

By following these steps, you have successfully remediated the rule violation, protecting your application load balancer by disallowing inbound traffic from all sources to TCP port 27017.

Is your System Free of Underlying Vulnerabilities?
Find Out Now