High
EC2
Regional
VPC default security groups should not allow inbound or outbound traffic
CIS
Description
Checks whether the VPC default security group allows inbound or outbound traffic.
Remediation
To modify the VPC default security group to restrict inbound and outbound traffic, follow these steps:
Steps
- Log in to the AWS Management Console.
- Navigate to the VPC Dashboard at https://console.aws.amazon.com/vpc/.
- In the navigation pane, click on 'Security Groups'.
- Identify the default security group for your VPC.
- Select the default security group and navigate to the 'Inbound Rules' tab.
- Remove or modify the inbound rules to restrict all traffic.
- Navigate to the 'Outbound Rules' tab.
- Remove or modify the outbound rules to restrict all traffic.
- Confirm the changes.
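
To verify the result of the steps above across many VPCs, the check can be run over the JSON returned by EC2 DescribeSecurityGroups. The following is an added example, not part of the original rule or of any vendor's implementation; the function names and the sample response (including every ID in it) are constructed for illustration.

```python
# Constructed sample shaped like an EC2 DescribeSecurityGroups response
# (`aws ec2 describe-security-groups --output json`); all IDs are made up.
SAMPLE_RESPONSE = {"SecurityGroups": [
    {"GroupId": "sg-0aaa0000000000001", "GroupName": "default",
     "VpcId": "vpc-0example0000001",
     # As created by AWS: self-referencing ingress, allow-all egress.
     "IpPermissions": [{"IpProtocol": "-1", "UserIdGroupPairs":
                        [{"GroupId": "sg-0aaa0000000000001"}]}],
     "IpPermissionsEgress": [{"IpProtocol": "-1",
                              "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0bbb0000000000002", "GroupName": "default",
     "VpcId": "vpc-0example0000002",
     # After remediation: both rule lists are empty.
     "IpPermissions": [], "IpPermissionsEgress": []},
    {"GroupId": "sg-0ccc0000000000003", "GroupName": "web",
     "VpcId": "vpc-0example0000001",
     # Custom group: outside the scope of this check.
     "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                        "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
     "IpPermissionsEgress": []},
]}


def describe_rule(rule):
    """Summarise one IpPermissions entry as protocol, port range and peers."""
    proto = "all" if rule.get("IpProtocol") == "-1" else rule.get("IpProtocol", "?")
    ports = f"{rule['FromPort']}-{rule['ToPort']}" if "FromPort" in rule else "all"
    peers = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    peers += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    peers += [p.get("GroupId", "?") for p in rule.get("UserIdGroupPairs", [])]
    peers += [p["PrefixListId"] for p in rule.get("PrefixListIds", [])]
    return f"protocol={proto} ports={ports} peers={','.join(peers)}"


def audit_default_groups(response):
    """Return one finding per default security group that still has any rule."""
    findings = []
    for sg in response.get("SecurityGroups", []):
        if sg.get("GroupName") != "default":
            continue  # group names are unique per VPC, so this is the default group
        inbound = [describe_rule(r) for r in sg.get("IpPermissions", [])]
        outbound = [describe_rule(r) for r in sg.get("IpPermissionsEgress", [])]
        if inbound or outbound:  # a rule in either direction fails the check
            findings.append({"GroupId": sg["GroupId"], "VpcId": sg.get("VpcId"),
                             "inbound": inbound, "outbound": outbound})
    return findings


if __name__ == "__main__":
    for f in audit_default_groups(SAMPLE_RESPONSE):
        print(f["VpcId"], f["GroupId"], "inbound:", f["inbound"], "outbound:", f["outbound"])
```

An empty result means every default security group in the response has no inbound and no outbound rules.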
Compliance
CIS