This rule ensures that VPC security groups do not allow ingress SSH access from all IP addresses (0.0.0.0/0).
| Attribute | Value |
| --- | --- |
| Rule | VPC security groups should restrict ingress SSH access from 0.0.0.0/0 |
| Framework | RBI Cyber Security Framework |
| Severity | ✔ High |
Description:
According to the RBI Cyber Security Framework, it is recommended that VPC security groups do not allow ingress SSH access from 0.0.0.0/0. This policy aims to enhance the security of your AWS infrastructure by limiting SSH access to trusted sources only.
Troubleshooting Steps:
If your security groups do not restrict ingress SSH access from 0.0.0.0/0, you are exposed to the risk of unauthorized access. To troubleshoot and implement this policy correctly, follow the steps below:
Necessary Code:
If you are using the AWS CLI, the following command removes the rule that allows SSH (TCP port 22) from 0.0.0.0/0; replace <security-group-id> with the ID of your security group:
aws ec2 revoke-security-group-ingress --group-id <security-group-id> --protocol tcp --port 22 --cidr 0.0.0.0/0
Step-by-Step Guide for Remediation:
Alternative Method (AWS CLI):
Replace <security-group-id> with the actual ID of your security group and run:
aws ec2 authorize-security-group-ingress --group-id <security-group-id> --protocol tcp --port 22 --cidr <trusted-ip-range>
Ensure that you replace <trusted-ip-range> with the appropriate IP range from which you want to allow SSH access. It is advisable to limit the range to a specific IP or a CIDR block to strengthen security. Note that adding this rule does not remove an existing 0.0.0.0/0 rule on the same group; that rule must be revoked separately.
By following these steps, you will successfully enforce the RBI Cyber Security Framework policy and restrict 0.0.0.0/0 ingress SSH access to your VPC security groups. This will help mitigate the risk of unauthorized SSH connections and enhance the security of your AWS infrastructure.
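To verify the remediation, or to find groups that still need it, the following added check (example code, not part of the original rule page) evaluates the `IpPermissions` structure that `aws ec2 describe-security-groups` and boto3 return, catching the cases a naive "port == 22 and CIDR == 0.0.0.0/0" test misses: protocol `-1` (all traffic), port ranges that span 22, and the IPv6 equivalent `::/0`. The security groups and their IDs are constructed sample data.

```python
# Flags security-group ingress entries that expose SSH (TCP/22) to 0.0.0.0/0
# or ::/0. Input is the IpPermissions list from describe-security-groups.
SSH_PORT = 22
WORLD_CIDRS = {"0.0.0.0/0", "::/0"}  # IPv4 and IPv6 "anywhere"


def rule_covers_ssh(perm: dict) -> bool:
    """True if an IpPermissions entry reaches TCP/22 (protocol -1 has no ports)."""
    proto = perm.get("IpProtocol")
    if proto == "-1":
        return True
    if proto != "tcp":
        return False
    # A range such as 20-25 also includes 22; FromPort == 22 alone would miss it.
    return perm.get("FromPort", 0) <= SSH_PORT <= perm.get("ToPort", 65535)


def world_open_ssh_cidrs(perm: dict) -> list:
    """Unrestricted CIDRs (v4 or v6) on an entry that reaches SSH, sorted."""
    if not rule_covers_ssh(perm):
        return []
    cidrs = [r.get("CidrIp") for r in perm.get("IpRanges", [])]
    cidrs += [r.get("CidrIpv6") for r in perm.get("Ipv6Ranges", [])]
    return sorted(c for c in cidrs if c in WORLD_CIDRS)


def find_violations(groups: list) -> dict:
    """Map GroupId -> offending CIDRs for every group that violates the rule."""
    findings = {}
    for sg in groups:
        hits = [c for p in sg.get("IpPermissions", []) for c in world_open_ssh_cidrs(p)]
        if hits:
            findings[sg["GroupId"]] = hits
    return findings


# Constructed sample: one compliant group, two non-compliant ones.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0aaa1111", "IpPermissions": [           # restricted: OK
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]},
    {"GroupId": "sg-0bbb2222", "IpPermissions": [           # range 20-25 open to IPv4 world
        {"IpProtocol": "tcp", "FromPort": 20, "ToPort": 25,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0ccc3333", "IpPermissions": [           # all traffic from IPv6 world
        {"IpProtocol": "-1", "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]

if __name__ == "__main__":
    for gid, cidrs in find_violations(SAMPLE_GROUPS).items():
        print(f"{gid}: SSH open to {', '.join(cidrs)}")
```

Feed it the `SecurityGroups` list from a live `describe-security-groups` call to audit an account; an empty result means no group in scope violates the rule.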