Query: Security groups should not allow unrestricted access to ports with high risk

Description

This control checks whether unrestricted incoming traffic for the security groups is accessible to the specified ports that have the highest risk. This control passes when none of the rules in a security group allow ingress traffic from 0.0.0.0/0 for those ports.

Query

Tables used in this query:

• aws_vpc_security_group
• aws_vpc_security_group_rule

Controls using this query:

• 19 Security groups should not allow unrestricted access to ports with high risk
• Security groups should not allow unrestricted access to ports with high risk

SQL