This repository has been archived by the owner on Sep 17, 2021. It is now read-only.

Possible Issue with Security Groups with the same name #40

Closed
JaguarSecurity opened this issue Aug 4, 2014 · 4 comments

@JaguarSecurity

We have security groups with the same Group Name but different Group ID. Only the first Security Group shows up in Security Monkey. The obvious answer is to make a unique Group Name but since we will be reviewing accounts that our organization owns but that the security folks do not have the ability to rename, we may be missing some of the Security Groups.

@scriptsrc scriptsrc added the bug label Aug 11, 2014
@scriptsrc
Contributor

I just attempted to make a second security group with the same name as the first one and ran into an error in the console:

An error occurred creating your security group.
The security group 'launch-wizard-1' already exists

Since RDS security groups are tracked as a completely separate technology in Security Monkey, I'm assuming your overlap is between an ec2 SG and a VPC SG? (Or even two VPC SG's?) Can you help me reproduce this?

I'm trying to reproduce the problem now. Once I've done that, I'll push a hotfix out ASAP.

@scriptsrc scriptsrc self-assigned this Aug 11, 2014
@JaguarSecurity
Author

Monkeysecurity, you are correct. One of the groups is in a VPC; the other is an ec2 SG.

@scriptsrc
Contributor

I was able to reproduce. The name of a security group is only unique to the VPC in which it lives. So it is possible to have a security group with the same name in EC2, in VPC1, in VPC2, ..., VPCN.

The easiest solution may be for Security Monkey to use the Security Group ID as the unique value. However, to make it readable in the UI, I may combine the ID with the name like this:

launch-wizard-1 (sg-4b430a2e)

or:

sg-4b430a2e (launch-wizard-1)

@JaguarSecurity
Author

That solution looks good. Thanks for your help.

scriptsrc pushed a commit that referenced this issue Aug 11, 2014
Security Monkey was unaware that security group names in different VPC's
could collide.  Security group names in EC2 may also collide with a VPC
security group name.  The fix is to include the security group ID and
optionally the VPC ID to the name stored by security_monkey.
markofu pushed a commit to markofu/security_monkey that referenced this issue Sep 1, 2015
Security Monkey was unaware that security group names in different VPC's
could collide.  Security group names in EC2 may also collide with a VPC
security group name.  The fix is to include the security group ID and
optionally the VPC ID to the name stored by security_monkey.
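
The collision discussed in this thread, as an added example that is not Security Monkey's own code: an inventory keyed on group name keeps only the first of several same-named groups, while one keyed on group ID keeps them all. The sample records are constructed (only `sg-4b430a2e` and `launch-wizard-1` appear in the thread), the function names are hypothetical, and the `in vpc-...` label suffix is an assumed format for the optional VPC ID.

```python
from collections import defaultdict

# Constructed sample shaped like EC2 DescribeSecurityGroups records.
# GroupName, GroupId and VpcId are real response fields; the values are made up
# except sg-4b430a2e / launch-wizard-1, which come from the thread.
SAMPLE_GROUPS = [
    {"GroupName": "launch-wizard-1", "GroupId": "sg-4b430a2e"},  # EC2, no VpcId
    {"GroupName": "launch-wizard-1", "GroupId": "sg-11111111", "VpcId": "vpc-aaaaaaaa"},
    {"GroupName": "launch-wizard-1", "GroupId": "sg-22222222", "VpcId": "vpc-bbbbbbbb"},
    {"GroupName": "web", "GroupId": "sg-33333333", "VpcId": "vpc-aaaaaaaa"},
]

def index_by_name(groups):
    """Reported behaviour: the first group seen with a given name wins."""
    index = {}
    for g in groups:
        index.setdefault(g["GroupName"], g)
    return index

def display_name(group):
    """Readable label: name, group ID, and the VPC ID when there is one."""
    label = f'{group["GroupName"]} ({group["GroupId"]}'
    if group.get("VpcId"):
        label += f' in {group["VpcId"]}'  # assumed format for the VPC part
    return label + ")"

def index_by_id(groups):
    """Key on GroupId, which does not collide across EC2 and VPCs."""
    index = {}
    for g in groups:
        if g["GroupId"] in index:
            raise ValueError(f'duplicate GroupId in input: {g["GroupId"]}')
        index[g["GroupId"]] = display_name(g)
    return index

def name_collisions(groups):
    """Return {name: [group IDs]} for every name used by more than one group."""
    by_name = defaultdict(list)
    for g in groups:
        by_name[g["GroupName"]].append(g["GroupId"])
    return {name: ids for name, ids in by_name.items() if len(ids) > 1}

if __name__ == "__main__":
    print("tracked by name:", len(index_by_name(SAMPLE_GROUPS)))
    for label in index_by_id(SAMPLE_GROUPS).values():
        print("tracked by id:  ", label)
    print("names hiding groups:", name_collisions(SAMPLE_GROUPS))
```

Running `name_collisions` over an account's groups lists exactly the groups a name-keyed audit would have skipped.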