This rule ensures that VPC security groups restrict ingress TCP and UDP access from any source address (0.0.0.0/0).
| Field | Value |
| --- | --- |
| Rule | VPC security groups should restrict ingress TCP and UDP access from 0.0.0.0/0 |
| Framework | NIST 800-53 Revision 4 |
| Severity | ✔ High |
Rule Description:
The rule requires that Virtual Private Cloud (VPC) security groups restrict ingress TCP and UDP access so that no rule permits unrestricted access from any source IP address (0.0.0.0/0). It is aligned with the NIST 800-53 Revision 4 security standard, which focuses on protecting the confidentiality, integrity, and availability of information systems.
Troubleshooting Steps:
If there are any issues related to this rule, follow these troubleshooting steps:
Necessary Code:
No specific code snippet is required for this rule; it is satisfied by configuring and adjusting the security group rules in the AWS Management Console or through the command-line interface (AWS CLI).
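As an added example (not code from the original rule page), the following Python script implements the check this rule describes over the JSON shape returned by `aws ec2 describe-security-groups`: it walks each group's `IpPermissions` and reports any TCP, UDP, or all-protocol (`-1`) ingress rule whose source range is `0.0.0.0/0`. It goes slightly beyond the rule text by also flagging the IPv6 equivalent `::/0`, since an all-sources IPv6 rule has the same exposure. The security group IDs, names, and rules in `SAMPLE_DESCRIBE_OUTPUT` are constructed placeholders, and `find_open_ingress` / `summarize` are names chosen for this example, not AWS API calls.

```python
"""Detect VPC security group ingress rules open to any source.

Added example, not part of the original page. The input mirrors the
`aws ec2 describe-security-groups` JSON layout:
SecurityGroups -> IpPermissions -> IpRanges / Ipv6Ranges.
"""
import json
import sys

# Any-source ranges. ::/0 is the IPv6 analogue of 0.0.0.0/0 and is
# flagged as well (a generalization beyond the rule's literal text).
OPEN_CIDRS_V4 = {"0.0.0.0/0"}
OPEN_CIDRS_V6 = {"::/0"}

# Protocols in scope: "-1" means all protocols, which includes TCP and UDP.
CHECKED_PROTOCOLS = {"tcp", "udp", "-1"}

# Constructed sample output; IDs and names are placeholders, not real groups.
SAMPLE_DESCRIBE_OUTPUT = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0123456789abcdef0", "GroupName": "web-open",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
     {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
      "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": []}
   ]},
  {"GroupId": "sg-0fedcba9876543210", "GroupName": "all-traffic",
   "IpPermissions": [
     {"IpProtocol": "-1",
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
      "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}
   ]},
  {"GroupId": "sg-00000000000000001", "GroupName": "internal-udp",
   "IpPermissions": [
     {"IpProtocol": "udp", "FromPort": 53, "ToPort": 53,
      "IpRanges": [{"CidrIp": "192.168.0.0/16"}], "Ipv6Ranges": []}
   ]}
]}
""")


def find_open_ingress(security_groups):
    """Return one finding per (group, permission, any-source CIDR) triple."""
    findings = []
    for sg in security_groups:
        for perm in sg.get("IpPermissions", []):
            proto = perm.get("IpProtocol")
            if proto not in CHECKED_PROTOCOLS:
                continue  # e.g. icmp is outside this rule's scope
            open_ranges = [r["CidrIp"] for r in perm.get("IpRanges", [])
                           if r.get("CidrIp") in OPEN_CIDRS_V4]
            open_ranges += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])
                            if r.get("CidrIpv6") in OPEN_CIDRS_V6]
            for cidr in open_ranges:
                findings.append({
                    "GroupId": sg["GroupId"],
                    "GroupName": sg.get("GroupName"),
                    "IpProtocol": proto,
                    # Port keys are absent for "-1" (all protocols/ports).
                    "FromPort": perm.get("FromPort"),
                    "ToPort": perm.get("ToPort"),
                    "Cidr": cidr,
                })
    return findings


def summarize(findings):
    """One human-readable line per finding, for a report or ticket."""
    lines = []
    for f in findings:
        ports = ("all ports" if f["IpProtocol"] == "-1"
                 else f"{f['FromPort']}-{f['ToPort']}")
        lines.append(f"{f['GroupId']} ({f['GroupName']}): "
                     f"{f['IpProtocol']} {ports} open to {f['Cidr']}")
    return lines


if __name__ == "__main__":
    # Usage: aws ec2 describe-security-groups > sgs.json && python check.py sgs.json
    # With no argument the constructed sample is checked instead.
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            data = json.load(fh)
    else:
        data = SAMPLE_DESCRIBE_OUTPUT
    for line in summarize(find_open_ingress(data["SecurityGroups"])):
        print(line)
```

Run against real `describe-security-groups` output, the script gives the list of rules to tighten; each finding is then narrowed to the required source ranges (or removed) in the console or with the AWS CLI, and the script is re-run to confirm no findings remain. Note that a rule with `IpProtocol` of `-1` has no `FromPort`/`ToPort` keys, which is why the code uses `.get()` for those fields.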
Remediation Steps:
Follow these step-by-step instructions to remediate the rule and restrict ingress TCP and UDP access from 0.0.0.0/0 in VPC security groups:
Remember to review and test the changes, ensuring there are no unintended consequences or disruptions to your applications or services before applying them in a production environment.