Network misconfigurations

Elastic Load Balancer (ELBV2) with public access

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

Elastic Load Balancer (ELB) supports multiple load balancer types, each providing different features at different network layers (application, network, transport). The elastic load balancer {AwsEc2Elbv2} was discovered to be associated with a security group {AwsEc2Elbv2.SecurityGroups} that allows public ingress access without IP filtering (0.0.0.0/0). A load balancer configured with public access exposes the application hosted behind it to attacks from malicious entities on the Internet.
  • Recommended Mitigation

    It is recommended to associate the {AwsEc2Elbv2} load balancer with security groups that allow inbound traffic only from authorized IP addresses. For more details, see https://docs.aws.amazon.com/elasticloadbalancing/index.html.

Remediation

1. Sign in to the AWS Management Console and open the **[EC2 console](https://console.aws.amazon.com/ec2)**.
2. In the navigation pane, under **Load Balancing**, choose **Load Balancers**.
3. Select the desired load balancer.
4. Under **Actions**, choose **Edit security groups**.
5. Uncheck the boxes of the permissive inbound security groups.
6. Check the boxes of more restrictive inbound security groups.
7. Choose **Save**.
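The check described above (a load balancer whose attached security group admits ingress from 0.0.0.0/0 or ::/0) can be reproduced offline from the JSON that the AWS CLI returns. The following is an added example written for this page, not code from the rule's vendor or from AWS. It assumes the documented output shape of `aws elbv2 describe-load-balancers` (`LoadBalancers[].SecurityGroups`) and `aws ec2 describe-security-groups` (`SecurityGroups[].IpPermissions[].IpRanges[].CidrIp` and `Ipv6Ranges[].CidrIpv6`); the load balancer names, ARNs, group IDs and CIDRs in the sample documents are constructed for the example.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws elbv2 describe-load-balancers`.
# Names, account id and ARNs are made up for this example.
LOAD_BALANCERS_JSON = """
{"LoadBalancers": [
  {"LoadBalancerArn": "arn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/app/web-alb/abc123",
   "LoadBalancerName": "web-alb", "Type": "application", "Scheme": "internet-facing",
   "SecurityGroups": ["sg-0open"]},
  {"LoadBalancerArn": "arn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/app/api-alb/def456",
   "LoadBalancerName": "api-alb", "Type": "application", "Scheme": "internet-facing",
   "SecurityGroups": ["sg-0restricted"]}
]}
"""

# Constructed sample in the shape of `aws ec2 describe-security-groups`.
# sg-0open is the weak configuration the finding describes; sg-0restricted
# is the corrected one (ingress limited to specific authorized ranges).
SECURITY_GROUPS_JSON = """
{"SecurityGroups": [
  {"GroupId": "sg-0open", "GroupName": "alb-open",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-0restricted", "GroupName": "alb-restricted",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
      "IpRanges": [{"CidrIp": "203.0.113.0/24"}],
      "Ipv6Ranges": [{"CidrIpv6": "2001:db8::/32"}]}]}
]}
"""


def open_to_world(cidr: str) -> bool:
    """True if the CIDR is an unfiltered any-address range (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def permissive_rules(sg: dict) -> list:
    """Return the ingress rules of one security group that admit any source address."""
    found = []
    for perm in sg.get("IpPermissions", []):
        sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in sources:
            if open_to_world(cidr):
                found.append({
                    "GroupId": sg["GroupId"],
                    "IpProtocol": perm.get("IpProtocol"),   # "-1" means all protocols
                    "FromPort": perm.get("FromPort"),       # absent for "-1" rules
                    "ToPort": perm.get("ToPort"),
                    "Source": cidr,
                })
    return found


def find_public_load_balancers(lbs_json: str, sgs_json: str) -> dict:
    """Map each load balancer name to the world-open ingress rules of its security groups.

    Load balancers without a SecurityGroups attribute (for example gateway load
    balancers) are skipped rather than treated as findings.
    """
    lbs = json.loads(lbs_json)["LoadBalancers"]
    sgs = {sg["GroupId"]: sg for sg in json.loads(sgs_json)["SecurityGroups"]}
    findings = {}
    for lb in lbs:
        rules = []
        for sg_id in lb.get("SecurityGroups", []):
            sg = sgs.get(sg_id)
            if sg is not None:
                rules.extend(permissive_rules(sg))
        if rules:
            findings[lb["LoadBalancerName"]] = rules
    return findings


if __name__ == "__main__":
    for name, rules in find_public_load_balancers(LOAD_BALANCERS_JSON, SECURITY_GROUPS_JSON).items():
        for rule in rules:
            print(f"{name}: {rule['GroupId']} allows {rule['IpProtocol']} "
                  f"{rule['FromPort']}-{rule['ToPort']} from {rule['Source']}")
```

Against the sample documents only `web-alb` is reported, because `sg-0restricted` limits ingress to two specific ranges. On a real account the two JSON strings would be the saved output of `aws elbv2 describe-load-balancers` and `aws ec2 describe-security-groups`; the console steps in the Remediation section correspond to `aws elbv2 set-security-groups --load-balancer-arn <arn> --security-groups <restricted-sg-ids>`, which replaces the full set of attached groups. Note that the check flags any 0.0.0.0/0 or ::/0 source regardless of port, which matches the finding as written: an internet-facing listener that is meant to be public still shows up here, and deciding whether that exposure is intended is a review step, not something the script can infer.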