Query: Ensure no security groups allow ingress from 0.0.0.0/0 to port 3389

Description

Security groups provide stateful filtering of ingress/egress network traffic to AWS resources. It is recommended that no security group allows unrestricted ingress access to port 3389.

Query

Tables used in this query:

• aws_vpc_security_group
• aws_vpc_security_group_rule

Controls using this query:

• 4.2 Ensure no security groups allow ingress from 0.0.0.0/0 to port 3389
• Ensure no security groups allow ingress from 0.0.0.0/0 to port 3389

SQL