Network misconfigurations

ELB missing inbound rules in their security groups


An Elastic Load Balancer has a security group with no inbound rules. Such a security group will prevent the load balancer from receiving any incoming traffic, regardless of the source and destination.
  • Recommended Mitigation

    Define inbound rules for the security groups associated with your load balancers while adhering to the principle of least privilege.