Query: VPC security groups should restrict ingress SSH access from 0.0.0.0/0

Description

AWS Elastic Compute Cloud (AWS EC2) Security Groups can help manage network access by providing stateful filtering of ingress and egress network traffic to AWS resources.

Query

Tables used in this query:

• aws_vpc_security_group
• aws_vpc_security_group_rule

Controls using this query:

• 4.1 Ensure no security groups allow ingress from 0.0.0.0/0 to port 22
• VPC security groups should restrict ingress SSH access from 0.0.0.0/0

SQL