Ensure that every security group egress object has a description
A security group egress rule defines a security rule that allows or restricts outbound traffic. Without an appropriate description, security group rules can be hard to understand and maintain.
Risk Level: Informational
Cloud Entity: AWS EC2 SecurityGroupEgress
CloudGuard Rule ID: D9.CFT.OPE.17
Covered by Spectral: No
Category: Security, Identity, & Compliance
GSL LOGIC
AWS_EC2_SecurityGroupEgress should have Description
REMEDIATION
From CFT
Set the AWS::EC2::SecurityGroupEgress Description property to an appropriate description.
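A pre-deployment check equivalent to the GSL logic above, as an added example (not CloudGuard's or AWS's own code): it scans a JSON-format CloudFormation template for AWS::EC2::SecurityGroupEgress resources that have no Description. It goes slightly beyond the rule by also checking egress rules embedded in AWS::EC2::SecurityGroup; the function names and the sample template are constructed for illustration.

```python
import json

EGRESS_TYPE = "AWS::EC2::SecurityGroupEgress"
GROUP_TYPE = "AWS::EC2::SecurityGroup"

def has_description(props):
    """True if Description is a non-blank string or an intrinsic function."""
    desc = (props or {}).get("Description")
    if isinstance(desc, str):
        return bool(desc.strip())
    # Intrinsics such as {"Fn::Sub": "..."} are only resolved at deploy time.
    return isinstance(desc, dict) and bool(desc)

def find_undescribed_egress(template):
    """Return sorted locations of egress rules that lack a Description."""
    findings = []
    for logical_id, res in template.get("Resources", {}).items():
        props = res.get("Properties") or {}
        if res.get("Type") == EGRESS_TYPE and not has_description(props):
            findings.append(logical_id)
        elif res.get("Type") == GROUP_TYPE:
            # Embedded rules: outside the rule's stated scope, same check.
            for i, rule in enumerate(props.get("SecurityGroupEgress") or []):
                if not has_description(rule):
                    findings.append(f"{logical_id}.SecurityGroupEgress[{i}]")
    return sorted(findings)

# Constructed sample template (JSON form of a CFT), not taken from the page.
SAMPLE_TEMPLATE = json.loads("""
{"Resources": {
  "EgressHttps": {"Type": "AWS::EC2::SecurityGroupEgress", "Properties": {
    "GroupId": {"Ref": "AppSg"}, "IpProtocol": "tcp", "FromPort": 443,
    "ToPort": 443, "CidrIp": "0.0.0.0/0",
    "Description": "HTTPS to package mirrors"}},
  "EgressDns": {"Type": "AWS::EC2::SecurityGroupEgress", "Properties": {
    "GroupId": {"Ref": "AppSg"}, "IpProtocol": "udp", "FromPort": 53,
    "ToPort": 53, "CidrIp": "10.0.0.2/32"}},
  "AppSg": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
    "GroupDescription": "App tier", "VpcId": "vpc-EXAMPLE"}},
  "DbSg": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
    "GroupDescription": "DB tier", "VpcId": "vpc-EXAMPLE",
    "SecurityGroupEgress": [{"IpProtocol": "tcp", "FromPort": 5432,
      "ToPort": 5432, "CidrIp": "10.0.1.0/24", "Description": "  "}]}}
}}
""")

if __name__ == "__main__":
    for location in find_undescribed_egress(SAMPLE_TEMPLATE):
        print("missing Description:", location)
```

A whitespace-only Description is reported as missing, since it gives a reviewer no more information than an absent one.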
References
AWS EC2 SecurityGroupEgress
SecurityGroupEgress: Adds the specified egress rules to a security group for use with a VPC. Use AWS::EC2::SecurityGroupIngress and AWS::EC2::SecurityGroupEgress only when necessary, typically to allow security groups to reference each other in ingress and egress rules. Otherwise, use the embedded ingress and egress rules of the security group.
Compliance Frameworks
- AWS CloudFormation ruleset