top of page
< Back

AWS Foundational Security Best Practice

EC2.18

Security groups should only allow unrestricted incoming traffic for authorized ports

Severity

Cloud Platforms

Resources

HIGH

AWS

Amazon EC2

This control checks whether the security groups allow unrestricted incoming traffic. The control fails if ports allow unrestricted traffic on ports other than 80 and 443; which are default values for parameter authorizedTcpPorts.

bottom of page