Unused NACL Is Not Removed

Overview

This control assesses the presence of unused network access control lists (ACLs).

It examines the configuration of the AWS::EC2::NetworkAcl resource and the relationships recorded for that network ACL.

The control fails if the only relationship the network ACL has is to its VPC. If any further relationship is found, the control passes.
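As an added example (not code from this page or from AWS's own tooling), the following Python applies the same rule to a response in the shape returned by the EC2 DescribeNetworkAcls API: an ACL with no subnet association is reported as a failure. The sample response is constructed; the ACL IDs, VPC IDs and subnet IDs in it are placeholders, and in practice the response would come from `boto3.client("ec2").describe_network_acls()`.

```python
from typing import Dict, List

# Constructed sample in the shape of an EC2 DescribeNetworkAcls response.
SAMPLE_RESPONSE = {
    "NetworkAcls": [
        {   # in use: associated with two subnets
            "NetworkAclId": "acl-0aaa111", "VpcId": "vpc-0123", "IsDefault": True,
            "Associations": [
                {"NetworkAclAssociationId": "aclassoc-1",
                 "NetworkAclId": "acl-0aaa111", "SubnetId": "subnet-a"},
                {"NetworkAclAssociationId": "aclassoc-2",
                 "NetworkAclId": "acl-0aaa111", "SubnetId": "subnet-b"},
            ],
        },
        {   # unused custom ACL: its only relationship is the VPC
            "NetworkAclId": "acl-0bbb222", "VpcId": "vpc-0123", "IsDefault": False,
            "Associations": [],
        },
        {   # unused default ACL: flagged, but a VPC's default ACL cannot be deleted
            "NetworkAclId": "acl-0ccc333", "VpcId": "vpc-0456", "IsDefault": True,
            "Associations": [],
        },
    ]
}


def find_unused_nacls(response: Dict) -> List[Dict[str, object]]:
    """Return one finding per network ACL that has no subnet association.

    Mirrors the control: an ACL whose only relationship is its VPC fails,
    an ACL with at least one associated subnet passes.
    """
    findings = []
    for acl in response.get("NetworkAcls", []):
        subnets = [a["SubnetId"] for a in acl.get("Associations", [])
                   if a.get("SubnetId")]
        if subnets:
            continue  # in use: passes
        findings.append({
            "NetworkAclId": acl["NetworkAclId"],
            "VpcId": acl["VpcId"],
            # The VPC default ACL cannot be deleted, so remediation differs.
            "deletable": not acl.get("IsDefault", False),
        })
    return findings

if __name__ == "__main__":
    for f in find_unused_nacls(SAMPLE_RESPONSE):
        print("FAIL", f)
```

The `deletable` field separates custom ACLs, which can simply be removed, from a VPC's default ACL, which can only be left unassociated.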

Vendor

AWS

Cloud Service

EC2

EC2.16

Severity

2

Item Types

AWS::EC2::NetworkAcl