Rule: VPC Default Security Group Restrictions

Rule Description:

Troubleshooting Steps:

2. 1.

   Verify Default Security Group Settings: Check the inbound and outbound rules of the default security group associated with the VPC. Ensure that there are no rules allowing any traffic for FedRAMP Moderate Revision 4.

4. 2.

   Review Rule Priority: If there are existing rules allowing inbound or outbound traffic for FedRAMP Moderate Revision 4, check the rule priorities. Lower priority rules may override the desired security settings. Adjust the rule priorities accordingly to ensure the desired restriction is in place.

6. 3.

   Rules Evaluation Order: Evaluate the order in which the rules are evaluated by the security group. Rules are matched from top to bottom based on the priority. Ensure that any rules allowing traffic for FedRAMP Moderate Revision 4 are placed at the bottom of the rule list.

Necessary Codes:

Step-by-step Guide for Remediation:

2. 1.

   Log in to the AWS Management Console (or open the AWS CLI) and navigate to the Amazon VPC service.

4. 2.

   Go to the "Security Groups" section.

6. 3.

   Identify the default security group associated with the VPC you want to modify.

8. 4.

   Click on the default security group to view its details and existing inbound/outbound rules.

10. 5.

    Review the existing rules and check if there are any rules allowing inbound or outbound traffic for FedRAMP Moderate Revision 4.

12. 6.

    If such rules exist, select the rule and click on "Delete" or use the CLI command

    aws ec2 revoke-security-group-ingress

    to remove the inbound rule or

    aws ec2 revoke-security-group-egress

    to remove the outbound rule.

14. 7.

    Double-check that no rules allowing inbound or outbound traffic for FedRAMP Moderate Revision 4 remain in the default security group.

16. 8.

    Save the changes if necessary.