Description

Elastic Load Balancer (ELB) supports multiple load balancers types, each provide different feature in multiple network layers (application, network, transport). The elastic load balancer {AwsEc2Elbv2} was discovered to be associated with a security group {AwsEc2Elbv2.SecurityGroups} that allows public ingress access without IP filtering (0.0.0.0/0). Load balancer configured with public access opens the application hosted behind the load balancer to attacks from malicious entities on the Internet.

• 

  Recommended Mitigation

  It is recommended to associate {AwsEc2Elbv2} Load Balancer with security groups that allow inbound traffic only from authorized IP addresses, for more details follow the link https://docs.aws.amazon.com/elasticloadbalancing/index.html.