Ensure EC2 instance does not have unrestricted security group attached
Error: EC2 instance has unrestricted security group attached
Bridgecrew Policy ID: BC_AWS_NETWORKING_12
Severity: CRITICAL
EC2 instance has unrestricted security group attached
Description
A publicly accessible database end-point would be vulnerable to brute force login attempts and subsequent data leak/loss. To minimize security risks, unauthorized access attempts should be restricted.
Fix - Runtime
Procedure
To restrict access to any publicly accessible RDS database instance, you must disable the database Publicly Accessible flag and update the VPC security group associated with the instance.
Updated over 2 years ago