Medium EC2 Regional

EC2 VPC Block Public Access should block internet gateway traffic

FSBP

Description

This control checks whether Amazon EC2 VPC Block Public Access (BPA) settings are configured to block internet gateway traffic for all Amazon VPCs in the AWS account. The control fails if VPC BPA settings are not configured to block internet gateway traffic.


Remediation

To enable VPC Block Public Access for internet gateway traffic, you need to configure the InternetGatewayBlockMode setting.

Steps

  1. Open the Amazon VPC console
  2. Navigate to 'Account settings' in the left navigation pane
  3. Select 'Block public access settings'
  4. Configure the 'Internet gateway' setting
  5. Choose either 'Block ingress' or 'Block bidirectional' based on your requirements
  6. Save the changes to enable VPC BPA for internet gateway traffic
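The same check and change can be scripted per Region, since the setting is Regional. The following is an added example, not part of the original control text or AWS's own code: it calls the EC2 API operations `describe_vpc_block_public_access_options` and `modify_vpc_block_public_access_options` as exposed by boto3, and the function names, the `StubEC2` class and the sample Regions are hypothetical. It assumes that both modes offered in step 5 satisfy the control.

```python
# Added example: audit the VPC BPA internet gateway block mode per Region.
# Assumption: both modes offered in the steps above count as compliant.
COMPLIANT_MODES = {"block-ingress", "block-bidirectional"}


def audit_region(ec2, remediate_to=None):
    """Return (status, mode) for one Region; status is PASS, FAIL or REMEDIATED.

    `ec2` is a boto3 EC2 client (or any object with the same two methods).
    """
    if remediate_to is not None and remediate_to not in COMPLIANT_MODES:
        raise ValueError(f"refusing non-blocking mode: {remediate_to!r}")
    opts = ec2.describe_vpc_block_public_access_options()["VpcBlockPublicAccessOptions"]
    mode = opts.get("InternetGatewayBlockMode", "off")  # treat a missing value as off
    if mode in COMPLIANT_MODES:
        return "PASS", mode
    if remediate_to is None:
        return "FAIL", mode
    # Re-run the audit afterwards to confirm the new mode is reported.
    ec2.modify_vpc_block_public_access_options(InternetGatewayBlockMode=remediate_to)
    return "REMEDIATED", remediate_to


def audit_account(client_for_region, regions, remediate_to=None):
    """The setting is per Region, so evaluate every Region the account uses."""
    return {r: audit_region(client_for_region(r), remediate_to) for r in regions}


class StubEC2:
    """Constructed stand-in for a boto3 EC2 client so the example runs offline."""

    def __init__(self, mode):
        self.mode = mode

    def describe_vpc_block_public_access_options(self):
        return {"VpcBlockPublicAccessOptions": {"InternetGatewayBlockMode": self.mode}}

    def modify_vpc_block_public_access_options(self, InternetGatewayBlockMode):
        self.mode = InternetGatewayBlockMode
        return {}


if __name__ == "__main__":
    # Constructed sample state. For a live run, pass
    # lambda region: boto3.client("ec2", region_name=region) instead.
    stubs = {"us-east-1": StubEC2("off"), "eu-west-1": StubEC2("block-ingress")}
    for region, (status, mode) in audit_account(stubs.__getitem__, list(stubs)).items():
        print(f"{region}: {status} ({mode})")
```

Run it read-only first (no `remediate_to`) to see which Regions fail before changing any of them.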

Compliance

FSBP