Network misconfigurations

Unused Network ACL

Description

A network access control list (ACL) operates as a firewall for regulating traffic in and out of one or more subnets in a virtual private cloud. A virtual private cloud (VPC) is a private virtual network in your AWS account, which is logically isolated from other virtual networks in AWS cloud. A VPC subnet is a subdivision of the VPC network, which has a range of IP addresses. Network ACL is an optional layer of protection for your VPC subnets. It was found that the network ACL {AwsEc2NetworkAcl} is not associated with a subnet, and therefore unused.