
Support for AWSFBP EC2.19 remediation. "Security groups should not allow unrestricted access to ports with high risk" #72

Closed
jacobtb23 opened this issue Nov 21, 2022 · 1 comment
Labels
enhancement New feature or request

Comments

@jacobtb23

Is your feature request related to a problem? Please describe.
Out of the box the SHARR solution does not include a number of remediations that we feel would be extremely useful. Namely, AWS foundational best practices control EC2.19. "EC2.19 Security groups should not allow unrestricted access to ports with high risk". This is a fairly difficult rule to keep compliant if it is not being checked for automatically.
Describe the feature you'd like
We would love to see support for an automatic remediation for this rule. We have already deployed SHARR and implemented a number of controls and thus would like to avoid redeploying the solution with custom modified code to remediate EC2.19. A remediation that, if enabled, would close down offending security groups (as described in the control description) would be extremely useful, possibly even the ability to add custom rules regarding security group configurations that we would disallow in our organization.

Additional context
If there is any simple way to add this remediation to my existing solution without modifying existing architecture, I would love to know about it.

@jacobtb23 jacobtb23 added the enhancement New feature or request label Nov 21, 2022
@hearde
Member

hearde commented Nov 22, 2022

Thank you for the feature request. We will take this into account when prioritizing remediations for future releases.

The solution is designed to be extended. If you want to work within the repo and contribute back to the solution, the help is appreciated. See #67 for an example of a PR. However, it is also possible to extend the solution by only deploying new resources. The orchestrator just looks for a runbook with the correct name structure (SHARR-AFSBP_1.0.0_EC2.19) to understand if there is a remediation available. You'll also need to create the remediation runbook and the required roles. The remediations for CIS v1.2.0 4.1 and 4.2 are similar and call the AWS-owned runbook AWS-DisablePublicAccessForSecurityGroup, which you could use as a template. If you have any issues with this process feel free to update this issue. We also want to make this process easier, so if you have suggestions on documentation that is missing, please let us know.
