Control: 6.2.5 Ensure no VPC access control lists allow ingress from 0.0.0.0/0 to port 3389
VPC access control lists filter all incoming and outgoing traffic in IBM Cloud VPC. An ACL is a built-in, virtual firewall where ACL rules control traffic to and from the subnets, rather than to and from the virtual servers. It is recommended that no ACL allows unrestricted ingress access to port 3389.
- Login to the IBM Cloud Portal.
- At the Menu icon, select VPC Infrastructure-->Access Control Lists.
- For each security group, perform the following: a. Select the access control list name. b. Identify the Inbound rule to be removed. c. Using the Options icon, select Delete.
Run the control in your terminal:
steampipe check ibm_compliance.control.cis_v100_6_2_5
Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share ibm_compliance.control.cis_v100_6_2_5
This control uses a named query:vpc_network_acl_restrict_ingress_rdp_all