top of page

EC2.16

Unused Network Access Control Lists should be removed

Severity

Cloud Platforms

Resources

Related Standards

Automated

LOW

AWS

Amazon EC2

AWS Foundational Best Practice, ISO27001, NIST CSF, NIST.800-53.r5,

This control checks to see if there are any NACLs (Network Access Control List) that are unused. The control will check the item configuration of the resource AWS::EC2::NetworkAcl and determine the relationships of the NACL.

bottom of page