Rule: VPC Security Groups Should Restrict Ingress SSH Access from 0.0.0.0/0

Rule Description

Troubleshooting Steps

2. 1.
   Check the existing inbound rules of the security group.
4. 2.
   Ensure that there is no SSH rule allowing access from 0.0.0.0/0.

Necessary Codes

Remediation Steps

2. 1.
   Log in to the AWS Management Console.
4. 2.
   Go to the EC2 service dashboard.
6. 3.
   Select the desired region.
8. 4.
   Click on the "Security Groups" link in the left navigation pane.
10. 5.
    Locate the security group that needs modification and click on its ID.
12. 6.
    In the "Inbound Rules" tab, locate the SSH rule (port 22) allowing access from 0.0.0.0/0.
14. 7.
    Select the rule and click on the "Actions" button.
16. 8.
    From the dropdown menu, choose "Edit inbound rules."
18. 9.
    Modify the source IP address for the SSH rule to a specific CIDR block or IP range that complies with your organization's security policies.
20. 10.
    If necessary, click on the "Add rule" button to allow SSH access from specific IP addresses or ranges as required.
22. 11.
    Review the changes and click on the "Save rules" button to apply the modified security group configuration.
24. 12.
    Verify that the SSH access from 0.0.0.0/0 has been restricted.
26. 13.
    Repeat the steps for any additional security groups that require this modification.