Risk Level: High
Cloud Entity: AWS EC2 SecurityGroup
CloudGuard Rule ID: D9.CFT.NET.22
Covered by Spectral: No
Category: Security, Identity, & Compliance

GSL LOGIC

AWS_EC2_SecurityGroup should not have SecurityGroupIngress contain-any [ CidrIp='0.0.0.0/0' and FromPort>=9300 and ToPort<=9300 ]

REMEDIATION

From CFT
Set AWS::EC2::SecurityGroup SecurityGroupIngress.CidrIp property to a restrictive IP address or IP range.

References

AWS EC2 SecurityGroup

A Security group acts as a virtual firewall for your EC2 instances to control incoming and outgoing traffic. Inbound rules control the incoming traffic to your instance, and outbound rules control the outgoing traffic from your instance. When you launch an instance, you can specify one or more security groups. AWS::EC2::SecurityGroup Specifies a security group. To create a security group, use the VpcId property to specify the VPC for which to create the security group.

Compliance Frameworks

AWS CloudFormation ruleset