Ensure Transfer Server is not exposed publicly

Resource: aws_transfer_server
Argument: endpoint_type

Error: Transfer Server is publicly exposed

Bridgecrew Policy ID: BC_AWS_NETWORKING_57
Checkov Check ID: CKV_AWS_164
Severity: MEDIUM

Transfer Server is publicly exposed

TBD

resource "aws_transfer_server" "test" {
  + endpoint_type = "VPC"
    protocols   = ["SFTP"]
}

Resources: 
  VPC:
    Type: AWS::Transfer::Server
    Properties: 
        ...
+     EndpointType: "VPC" # or "VPC_ENDPOINT"

Updated 4 days ago