
Created Oct 11, 2022 by Administrator (@root), Maintainer

4.1 Ensure no security groups allow ingress from 0.0.0.0/0 to port 22

Created by: armorcodegithubqa[bot]

Security groups provide stateful filtering of ingress/egress network traffic to AWS resources. It is recommended that no security group allows unrestricted ingress access to port 22.

Type: [Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark]

Compliance Status: FAILED

Product Name: N/A

Company Name: N/A

Generator Id: arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0/rule/4.1

Record State: ACTIVE

Workflow Status: NEW

Workflow State: NEW

Account Id: 012345678912

Region: N/A

Source URL: N/A

Resource:
[
  {
    "Type": "AwsEc2SecurityGroup",
    "Id": "arn:aws:ec2:us-east-1:012345678912:security-group/sg-019f05ef36b86e389",
    "Partition": "aws",
    "Region": "us-east-1",
    "Details": {
      "AwsEc2SecurityGroup": {
        "GroupName": "ingress-ssh-all-security-hub-test",
        "GroupId": "sg-019f05ef36b86e389",
        "OwnerId": "012345678912",
        "VpcId": "vpc-5021932a",
        "IpPermissions": [
          {
            "IpProtocol": "tcp",
            "FromPort": 22,
            "ToPort": 22,
            "IpRanges": [ { "CidrIp": "0.0.0.0/0" } ]
          }
        ],
        "IpPermissionsEgress": [
          {
            "IpProtocol": "-1",
            "IpRanges": [ { "CidrIp": "0.0.0.0/0" } ]
          }
        ]
      }
    }
  }
]

Created At: Mon Jun 08 11:26:54 UTC 2020

Updated At: Sun Jun 14 19:47:34 UTC 2020

Mitigation: For directions on how to fix this issue, please consult the AWS Security Hub CIS documentation. https://docs.aws.amazon.com/console/securityhub/standards-cis-4.1/remediation

Finding Id: 14182778
