Medium EC2 Regional

Unused Amazon EC2 security groups should be removed

FSBP

Description

This control checks whether security groups are attached to Amazon Elastic Compute Cloud (Amazon EC2) instances or to an elastic network interface. The control fails if the security group is not associated with an Amazon EC2 instance or an elastic network interface. Unused security groups can create security risks by providing unnecessary access points and can also lead to confusion about which security groups are actually in use. Removing unused security groups helps maintain a clean and secure network environment.
Remediation

Remove unused security groups that are not attached to any EC2 instances or network interfaces.

Steps

  1. Open the Amazon EC2 console.
  2. Choose 'Security Groups' from the navigation pane.
  3. Review the list of security groups and identify which ones are not in use.
  4. Select the unused security group you want to delete.
  5. Choose 'Actions' and then 'Delete security group'.
  6. Confirm the deletion in the dialog box.
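A scripted form of step 3, added here as an example that is not part of the original control text: it lists the groups no elastic network interface uses (the condition the control checks) and flags groups the delete in step 5 will refuse. The `fetch_live` helper and the `sg-0…`/`eni-0…` sample values are assumptions, constructed for the example.

```python
"""Added example (not from the original control page): list EC2 security groups
that no elastic network interface uses, i.e. what this control flags."""

def find_unused_security_groups(security_groups, network_interfaces):
    """Groups attached to no ENI (hence to no instance). Each row also lists
    'blockers' that make the console delete fail: a VPC's 'default' group
    cannot be deleted, and a group referenced by a security group rule raises
    DependencyViolation until that rule is removed."""
    in_use = {g["GroupId"] for eni in network_interfaces for g in eni.get("Groups", [])}
    referenced = {pair["GroupId"]
                  for sg in security_groups
                  for perm in sg.get("IpPermissions", []) + sg.get("IpPermissionsEgress", [])
                  for pair in perm.get("UserIdGroupPairs", []) if "GroupId" in pair}
    unused = []
    for sg in security_groups:
        gid = sg["GroupId"]
        if gid in in_use:
            continue
        blockers = []
        if sg.get("GroupName") == "default":
            blockers.append("default group cannot be deleted")
        if gid in referenced:
            blockers.append("referenced by a security group rule")
        unused.append({"GroupId": gid, "GroupName": sg.get("GroupName"),
                       "VpcId": sg.get("VpcId"), "blockers": blockers})
    return unused

def fetch_live():
    """Same two lists from the current account/region via boto3 (needs credentials)."""
    import boto3
    ec2 = boto3.client("ec2")
    sgs = [s for p in ec2.get_paginator("describe_security_groups").paginate()
           for s in p["SecurityGroups"]]
    enis = [e for p in ec2.get_paginator("describe_network_interfaces").paginate()
            for e in p["NetworkInterfaces"]]
    return sgs, enis

def _sg(gid, name, refs=()):
    """Constructed sample group in describe-security-groups shape (assumed ids)."""
    rules = [{"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
              "UserIdGroupPairs": [{"GroupId": r} for r in refs]}] if refs else []
    return {"GroupId": gid, "GroupName": name, "VpcId": "vpc-0example",
            "IpPermissions": rules, "IpPermissionsEgress": []}

# Constructed sample: only 'db' sits on an ENI; the 'db' ingress rule references 'web'.
SAMPLE_SGS = [_sg("sg-0aaa", "default"), _sg("sg-0bbb", "web"),
              _sg("sg-0ccc", "db", refs=["sg-0bbb"]), _sg("sg-0ddd", "old-bastion")]
SAMPLE_ENIS = [{"NetworkInterfaceId": "eni-0example",
                "Groups": [{"GroupId": "sg-0ccc", "GroupName": "db"}]}]
```

Run `find_unused_security_groups(*fetch_live())` against a real account; only rows with an empty `blockers` list are candidates for step 4.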

Compliance

FSBP