Overview
A Config rule that checks whether security groups in use do not allow restricted incoming TCP traffic to the specified ports. This rule applies only to IPv4.
Configuration Templates
TerraformItems
1
Size
0.7 KB
AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
ConfigRule:
Type: 'AWS::Config::ConfigRule'
Properties:
ConfigRuleName: restricted-common-ports
Description: >-
A Config rule that checks whether security groups in use do not allow
restricted incoming TCP traffic to the specified ports. This rule
applies only to IPv4.
Scope:
ComplianceResourceTypes:
- 'AWS::EC2::SecurityGroup'
InputParameters:
blockedPort1: '20'
blockedPort2: '21'
blockedPort3: '3389'
blockedPort4: '3306'
blockedPort5: '4333'
Source:
Owner: AWS
SourceIdentifier: RESTRICTED_INCOMING_TRAFFIC
Parameters: {}
Metadata: {}
Conditions: {}
Actions
Customize Template
Sources and Documentation
Configuration Source: AWS Documentation
Additional Documentation:
- AWS Documentation: Setting up AWS Config Managed Rules
- AWS Documentation: AWS Config Managed Rules Overview
- CloudFormation Reference Guide: Create an AWS Config Rule
- AWS CLI Command Reference Guide: Create an AWS Config Rule