Unknown Port Exposed To Internet
- Query id: 722b0f24-5a64-4cca-aa96-cfc26b7e3a5b
- Query name: Unknown Port Exposed To Internet
- Platform: Ansible
- Severity: High
- Category: Networking and Firewall
- URL: Github
Description
AWS Security Group should not have an unknown port exposed to the entire Internet
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - yaml file
```yaml
- name: example ec2 group
  amazon.aws.ec2_group:
    name: example
    description: an example EC2 group
    vpc_id: 12345
    region: eu-west-1
    rules:
      - proto: tcp
        from_port: 8001
        to_port: 8002
        cidr_ip: 0.0.0.0/0
      - proto: tcp
        from_port: 2222
        to_port: 2226
        cidr_ipv6: ::/0
```
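A minimal version of this check, written here as an added example (it is not the KICS query itself): it takes an already-parsed task dictionary and reports rules whose CIDR is a zero-length prefix and whose port range includes a port outside an allowlist. `KNOWN_PORTS`, the function names, and the last two rules in the sample are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: ports this team expects to publish. KICS uses its own list.
KNOWN_PORTS = {22, 80, 443}

def is_entire_internet(cidr):
    """True for any zero-length prefix such as 0.0.0.0/0 or ::/0."""
    try:
        return ipaddress.ip_network(str(cidr), strict=False).prefixlen == 0
    except ValueError:
        return False  # not a CIDR (e.g. an unresolved template variable)

def as_list(value):
    """cidr_ip / cidr_ipv6 may be a single string or a list of strings."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def unknown_exposed_ports(task):
    """Return (from_port, to_port, cidr) for every world-open rule whose
    range contains at least one port outside KNOWN_PORTS."""
    module = task.get("amazon.aws.ec2_group") or task.get("ec2_group") or {}
    findings = []
    for rule in module.get("rules") or []:
        cidrs = as_list(rule.get("cidr_ip")) + as_list(rule.get("cidr_ipv6"))
        open_cidrs = [c for c in cidrs if is_entire_internet(c)]
        if not open_cidrs:
            continue
        lo = int(rule.get("from_port", 0))
        hi = int(rule.get("to_port", 65535))
        if lo < 0 or hi < 0:          # -1 means "all ports"
            lo, hi = 0, 65535
        if any(p not in KNOWN_PORTS for p in range(lo, hi + 1)):
            findings.extend((lo, hi, c) for c in open_cidrs)
    return findings

# The page's sample in parsed form; the last two rules are constructed.
SAMPLE_TASK = {"name": "example ec2 group", "amazon.aws.ec2_group": {
    "name": "example", "vpc_id": 12345, "region": "eu-west-1", "rules": [
        {"proto": "tcp", "from_port": 8001, "to_port": 8002, "cidr_ip": "0.0.0.0/0"},
        {"proto": "tcp", "from_port": 2222, "to_port": 2226, "cidr_ipv6": "::/0"},
        {"proto": "tcp", "from_port": 443, "to_port": 443, "cidr_ip": "0.0.0.0/0"},
        {"proto": "tcp", "from_port": 8080, "to_port": 8080, "cidr_ip": "10.0.0.0/8"},
    ]}}

if __name__ == "__main__":
    for lo, hi, cidr in unknown_exposed_ports(SAMPLE_TASK):
        print(f"ports {lo}-{hi} open to {cidr}")
```

The 443 rule passes because the port is on the allowlist, and the 8080 rule passes because its source is a private range rather than the whole Internet.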