EC2 Security Group Has Excessive Host Rules
Overview
Security groups can end up with overly broad permissions in several ways, each of which increases security risk. A large number of rules, especially /32 rules, often indicates that developers or administrators added rules for their current location and did not remove them when the work was finished. This check identifies security groups whose number of /32 rules is equal to or greater than the configured maximum host rules value.
Vendor
AWS
Cloud Service
EC2
Input
{"maxHostRules":{"label":"Maximum host rules","value":5,"type":"number"}}
Severity
2
Item Types
AWS::EC2::SecurityGroup
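The check described in the Overview can be reproduced offline as follows. This is an added example, not the vendor's own implementation: the group dictionaries follow the shape returned by EC2 `describe_security_groups`, the sample groups and their IDs are constructed, and counting only inbound IPv4 rules is an assumption.

```python
import ipaddress

MAX_HOST_RULES = 5  # default "maxHostRules" value from the check's Input


def count_host_rules(security_group):
    """Count IPv4 /32 CIDR entries across the group's inbound rules (assumed scope)."""
    count = 0
    for permission in security_group.get("IpPermissions", []):
        for ip_range in permission.get("IpRanges", []):
            try:
                network = ipaddress.ip_network(ip_range.get("CidrIp", ""), strict=False)
            except ValueError:
                continue  # skip malformed or missing CIDR strings
            if network.version == 4 and network.prefixlen == 32:
                count += 1
    return count


def has_excessive_host_rules(security_group, max_host_rules=MAX_HOST_RULES):
    """The check fires when the /32 count is equal to or greater than the maximum."""
    return count_host_rules(security_group) >= max_host_rules


def flagged_group_ids(groups, max_host_rules=MAX_HOST_RULES):
    return [g["GroupId"] for g in groups if has_excessive_host_rules(g, max_host_rules)]


def _perm(port, cidrs):
    # Helper (hypothetical) that builds one inbound TCP permission entry.
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": c} for c in cidrs]}


# Constructed sample data using documentation address ranges.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0example0000000a", "IpPermissions": [
        _perm(22, ["198.51.100.7/32", "198.51.100.8/32", "203.0.113.15/32"]),
        _perm(3389, ["203.0.113.40/32", "192.0.2.99/32"]),
    ]},
    {"GroupId": "sg-0example0000000b", "IpPermissions": [
        _perm(443, ["10.0.0.0/16", "192.0.2.10/32"]),
    ]},
]

if __name__ == "__main__":
    for group in SAMPLE_GROUPS:
        print(group["GroupId"], count_host_rules(group), has_excessive_host_rules(group))
```
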