Description

The infrastructure definition for network segments in the AWS context is too permissive to databases.

Impact

- Expose resources, processes and sensitive information that could be compromised. - Accept incoming or outcoming connections that should be restricted by design

Recommendation

Limit network segments, ports, IP addresses, network protocols, and administrative services only to the required users.

Threat

Anonymous attacker from Internet.

Expected Remediation Time

⏱️ 120 minutes.

Requirements

Fixes