Network misconfigurations

Default security group allows inbound or outbound traffic

Risk Level

Informational (4)

Platform(s)

Description

An AWS Security Group acts as a virtual firewall for your instances to control inbound and outbound traffic. The default security group ""{AwsEc2SecurityGroup}"" ({AwsEc2SecurityGroup.GroupId}) is configured to allow inbound or outbound access, which is considered a bad practice. Default security group cannot be deleted, and should be restricted. This prevents undesired traffic in case the default security group will accidentally be configured for resources such as EC2 instance.