This rule ensures that VPC security groups restrict ingress SSH access to known sources instead of allowing it from any IP address.
| Field | Value |
|---|---|
| Rule | VPC security groups should restrict ingress SSH access from 0.0.0.0/0 |
| Framework | NIST 800-171 Revision 2 |
| Severity | ✔ High |
VPC Security Group Ingress SSH Restriction
Description
To comply with the NIST 800-171 Revision 2 security control, the VPC security groups in your organization's AWS environment must restrict ingress SSH (Secure Shell) access from the 0.0.0.0/0 IP range. This IP range represents unrestricted access from any source IP address, which poses a security risk. Restricting ingress SSH access to specific IP ranges helps protect your resources from unauthorized access and potential security breaches.
Troubleshooting Steps
If any issues arise while implementing the VPC security group ingress SSH restriction, follow these troubleshooting steps:
0.0.0.0/0 IP range.
Necessary Codes
No specific codes are required for this rule/policy. It involves modifying the existing security group rules using the AWS Management Console or AWS Command Line Interface (CLI).
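As an added example (not from the rule page or any vendor tool), the check below evaluates security groups in the JSON shape returned by `aws ec2 describe-security-groups`, flags every ingress rule that exposes TCP/22 to 0.0.0.0/0 or ::/0 (including "all traffic" and wide port-range rules), and builds the matching `revoke-security-group-ingress` command. The group IDs and CIDRs are constructed sample data.

```python
import json
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}  # "anywhere" for IPv4 and IPv6

def rule_covers_ssh(perm):
    """True if an IpPermissions entry admits TCP port 22, directly or via a wider range."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # all protocols and ports
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= 22 <= perm.get("ToPort", 65535)

def open_sources(perm):
    """Return the unrestricted CIDRs (v4 and v6) referenced by one rule."""
    v4 = [r["CidrIp"] for r in perm.get("IpRanges", []) if r.get("CidrIp") in OPEN_CIDRS]
    v6 = [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", []) if r.get("CidrIpv6") in OPEN_CIDRS]
    return v4 + v6

def find_open_ssh(groups):
    """Return (group_id, cidr, rule) for every ingress rule exposing SSH to anyone."""
    return [(sg["GroupId"], cidr, perm)
            for sg in groups
            for perm in sg.get("IpPermissions", [])
            if rule_covers_ssh(perm)
            for cidr in open_sources(perm)]

def revoke_command(group_id, cidr, perm):
    """Build the AWS CLI command that removes the offending rule. AWS needs an exact match
    with the existing rule, so a wide rule such as TCP 0-65535 is removed whole, not narrowed."""
    rule = {"IpProtocol": perm["IpProtocol"]}
    if perm["IpProtocol"] != "-1":
        rule["FromPort"], rule["ToPort"] = perm["FromPort"], perm["ToPort"]
    if ":" in cidr:
        rule["Ipv6Ranges"] = [{"CidrIpv6": cidr}]
    else:
        rule["IpRanges"] = [{"CidrIp": cidr}]
    return ("aws ec2 revoke-security-group-ingress --group-id %s --ip-permissions '%s'"
            % (group_id, json.dumps([rule], separators=(",", ":"))))

SAMPLE_GROUPS = [  # constructed sample in the describe-security-groups shape; IDs are made up
    {"GroupId": "sg-0aaa", "IpPermissions": [  # SSH open to the world
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0bbb", "IpPermissions": [  # trusted v4 range (compliant) plus all traffic from any IPv6
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
        {"IpProtocol": "-1", "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-0ccc", "IpPermissions": [  # HTTPS open to the world, but not SSH
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]
```

Running `find_open_ssh(SAMPLE_GROUPS)` reports sg-0aaa (0.0.0.0/0) and sg-0bbb (::/0); feed real output from `aws ec2 describe-security-groups --query SecurityGroups` to audit an account.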
Remediation Steps
Follow these steps to remediate the VPC security group ingress SSH restriction:
0.0.0.0/0.
Ensure that you apply these steps to all relevant security groups within your AWS environment to fully comply with the NIST 800-171 Revision 2 standard.
Note: It is strongly recommended to secure SSH access by specifying only trusted IP ranges and implementing other security measures such as multi-factor authentication (MFA) and key pair management.
By restricting ingress SSH access to specific IP ranges, you enhance the security posture of your VPC and reduce the risk of unauthorized access to your infrastructure.