Security Group With Unrestricted Access To SSH
- Query id: 57ced4b9-6ba4-487b-8843-b65562b90c77
- Query name: Security Group With Unrestricted Access To SSH
- Platform: Ansible
- Severity: High
- Category: Networking and Firewall
- URL: Github
Description¶
'SSH' (TCP:22) should not be public in AWS Security Group
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
- name: example ec2 group
amazon.aws.ec2_group:
name: example
description: an example EC2 group
vpc_id: 12345
region: eu-west-1
rules:
- proto: tcp
from_port: 22
to_port: 22
cidr_ip: 79.32.0.0/12
- proto: tcp
from_port: -1
to_port: -1
cidr_ip: 79.32.0.0/12
- proto: tcp
from_port: 22
to_port: 22
cidr_ipv6: 2607:F8B0::/24