EC2 Instance Using Default Security Group
- Query id: 8d03993b-8384-419b-a681-d1f55149397c
- Query name: EC2 Instance Using Default Security Group
- Platform: Ansible
- Severity: Medium
- Category: Access Control
- CWE: 732
- URL: Github
Description
EC2 instances should not use default security group(s)
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - yaml file
```yaml
- name: example
  amazon.aws.ec2:
    key_name: mykey
    instance_type: t2.micro
    image: ami-123456
    wait: yes
    group: default
    count: 3
    vpc_subnet_id: subnet-29e63245
    assign_public_ip: yes
```
Positive test num. 2 - yaml file
```yaml
- name: example2
  amazon.aws.ec2:
    key_name: mykey
    instance_type: t2.micro
    image: ami-123456
    wait: yes
    group:
      - default
    count: 3
    vpc_subnet_id: subnet-29e63245
    assign_public_ip: yes
```
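A remediated counterpart to the positive tests above, added here as an example and not part of the original page: the tasks create a dedicated security group with explicit rules and launch the instances into it instead of `default`. The group name, VPC id, CIDR range and rule set are placeholder assumptions; `amazon.aws.ec2_group` is the security-group module that ships alongside `amazon.aws.ec2` in the same collection releases.

```yaml
# Added example (constructed values): replace the placeholders with your own.
- name: create a dedicated security group for the instances
  amazon.aws.ec2_group:
    name: app-instances-sg            # hypothetical group name
    description: SSH from the admin network only
    vpc_id: vpc-EXAMPLE               # placeholder, the page gives no VPC id
    rules:
      # Inbound: only what the workload needs, from a known source range.
      - proto: tcp
        from_port: 22
        to_port: 22
        cidr_ip: 203.0.113.0/24       # constructed, RFC 5737 documentation range
    rules_egress:
      # Outbound: HTTPS only, instead of the allow-all egress of a default group.
      - proto: tcp
        from_port: 443
        to_port: 443
        cidr_ip: 0.0.0.0/0
    state: present

- name: example
  amazon.aws.ec2:
    key_name: mykey
    instance_type: t2.micro
    image: ami-123456
    wait: yes
    group: app-instances-sg           # explicit group, not "default"
    count: 3
    vpc_subnet_id: subnet-29e63245
    assign_public_ip: yes
```

The same applies to the list form in the second positive test: every entry under `group:` should name a purpose-built group, with no `default` entry left in the list.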