EC2 Instance Using Default Security Group

  • Query id: 8d03993b-8384-419b-a681-d1f55149397c
  • Query name: EC2 Instance Using Default Security Group
  • Platform: Ansible
  • Severity: Medium
  • Category: Access Control
  • URL: Github

Description

EC2 instances should not be launched with the VPC's default security group, whether `group` is given as the scalar `default` or as a list containing `default`; a purpose-built security group should be assigned instead.
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
- name: example
  amazon.aws.ec2:
    key_name: mykey
    instance_type: t2.micro
    image: ami-123456
    wait: yes
    group: default
    count: 3
    vpc_subnet_id: subnet-29e63245
    assign_public_ip: yes
Positive test num. 2 - yaml file
- name: example2
  amazon.aws.ec2:
    key_name: mykey
    instance_type: t2.micro
    image: ami-123456
    wait: yes
    group:
      - default
    count: 3
    vpc_subnet_id: subnet-29e63245
    assign_public_ip: yes

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
- name: example2
  amazon.aws.ec2:
    key_name: mykey
    instance_type: t2.micro
    image: ami-123456
    wait: yes
    group: my_sg
    count: 3
    vpc_subnet_id: subnet-29e63245
    assign_public_ip: yes
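As an added example (not part of the KICS query or its test files), the following Python script implements the check the rule above describes: it walks a parsed Ansible playbook and flags any `amazon.aws.ec2` task whose `group` is the default security group, in both the scalar form of positive test 1 and the list form of positive test 2. The three sample tasks are embedded as the Python structures that `yaml.safe_load` would produce for the page's YAML, so the script runs offline; recognising the bare `ec2` module alias alongside `amazon.aws.ec2` is an assumption, not something the page states.

```python
"""Detect EC2 tasks that launch instances into the default security group."""
from typing import Any

# Module names treated as EC2 instance launches. "amazon.aws.ec2" is the one
# used on the page; accepting the short alias "ec2" is an assumption for
# older playbooks that have not moved to the collection name.
EC2_MODULES = ("amazon.aws.ec2", "ec2")
DEFAULT_SG = "default"


def uses_default_group(params: dict[str, Any]) -> bool:
    """Return True if the task's `group` parameter names the default SG.

    Handles both forms seen in the positive tests:
      group: default          -> scalar
      group: [default, ...]   -> list
    """
    group = params.get("group")
    if group is None:
        return False
    if isinstance(group, str):
        return group == DEFAULT_SG
    if isinstance(group, list):
        return any(g == DEFAULT_SG for g in group)
    return False


def scan_tasks(tasks: list[dict[str, Any]]) -> list[str]:
    """Return the names of tasks that would trigger this query."""
    findings: list[str] = []
    for task in tasks:
        for module in EC2_MODULES:
            params = task.get(module)
            if isinstance(params, dict) and uses_default_group(params):
                findings.append(task.get("name", "<unnamed>"))
                break  # one finding per task is enough
    return findings


def _ec2_task(name: str, group: Any) -> dict[str, Any]:
    """Build a task mirroring the page's samples (constructed helper)."""
    return {
        "name": name,
        "amazon.aws.ec2": {
            "key_name": "mykey",
            "instance_type": "t2.micro",
            "image": "ami-123456",
            "wait": True,
            "group": group,
            "count": 3,
            "vpc_subnet_id": "subnet-29e63245",
            "assign_public_ip": True,
        },
    }


# Constructed inputs: the page's three samples in parsed form.
# In practice these come from yaml.safe_load(open("playbook.yml")).
POSITIVE_1 = [_ec2_task("example", "default")]        # scalar group
POSITIVE_2 = [_ec2_task("example2", ["default"])]     # list group
NEGATIVE_1 = [_ec2_task("example2", "my_sg")]         # named group


if __name__ == "__main__":
    for label, tasks in (("positive 1", POSITIVE_1),
                         ("positive 2", POSITIVE_2),
                         ("negative 1", NEGATIVE_1)):
        print(f"{label}: {scan_tasks(tasks) or 'no findings'}")
```

The scalar/list distinction is the part worth getting right: a check that only compares `group == "default"` would miss the list form in positive test 2, and a check that only iterates would fail on the scalar form in positive test 1.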