turbot/ibm_compliance

Control: 6.2.3 Ensure no VPC security groups allow ingress from 0.0.0.0/0 to port 3389

Description

VPC security groups provide stateful filtering of ingress/egress network traffic to Virtual Server Instances. It is recommended that no security group allows unrestricted ingress access to port 3389.
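
One way to express this check over security group rules, as an added example (not the mod's own query). It assumes rules shaped like the IBM Cloud VPC API's JSON (direction, protocol, port_min, port_max, remote.cidr_block); the group names and rule IDs are constructed. It also flags port ranges that contain 3389 and rules with protocol "all", which open the port without naming it.

```python
RDP_PORT = 3389
OPEN_CIDR = "0.0.0.0/0"  # the control's scope

# Constructed sample data; field names are assumed to follow the VPC API shape.
SAMPLE_GROUPS = [
    {"name": "sg-web", "rules": [
        {"id": "r-1", "direction": "inbound", "protocol": "tcp",
         "port_min": 443, "port_max": 443, "remote": {"cidr_block": OPEN_CIDR}},
        # Range rule: 3389 is never named, but it falls inside 3000-4000.
        {"id": "r-2", "direction": "inbound", "protocol": "tcp",
         "port_min": 3000, "port_max": 4000, "remote": {"cidr_block": OPEN_CIDR}},
    ]},
    {"name": "sg-admin", "rules": [
        # Restricted source: passes the control.
        {"id": "r-3", "direction": "inbound", "protocol": "tcp",
         "port_min": 3389, "port_max": 3389, "remote": {"cidr_block": "10.0.0.0/8"}},
        # Protocol "all" carries no port fields and opens every port.
        {"id": "r-4", "direction": "inbound", "protocol": "all",
         "remote": {"cidr_block": OPEN_CIDR}},
        # Egress is out of scope for this control.
        {"id": "r-5", "direction": "outbound", "protocol": "tcp",
         "port_min": 3389, "port_max": 3389, "remote": {"cidr_block": OPEN_CIDR}},
    ]},
]

def rule_exposes_rdp(rule):
    """True if an inbound rule lets 0.0.0.0/0 reach port 3389."""
    if rule.get("direction") != "inbound":
        return False
    if (rule.get("remote") or {}).get("cidr_block") != OPEN_CIDR:
        return False
    protocol = rule.get("protocol")
    if protocol == "all":
        return True
    if protocol not in ("tcp", "udp"):  # icmp rules have no ports
        return False
    # A tcp/udp rule without explicit ports covers the full range.
    low = rule.get("port_min") or 1
    high = rule.get("port_max") or 65535
    return low <= RDP_PORT <= high

def find_violations(groups):
    """Return (group name, rule id) pairs that fail the control."""
    return [(g["name"], r["id"])
            for g in groups for r in g.get("rules", [])
            if rule_exposes_rdp(r)]

if __name__ == "__main__":
    for group, rule_id in find_violations(SAMPLE_GROUPS):
        print(f"FAIL {group}: rule {rule_id} allows {OPEN_CIDR} to port {RDP_PORT}")
```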

Remediation

From Console

  1. Log in to the IBM Cloud Portal.
  2. At the Menu icon, select VPC Infrastructure > Security Groups.
  3. For each security group, perform the following:
     a. Select the access control list name.
     b. Identify the Inbound rule to be removed.
     c. Using the Options icon, select Delete.

Usage

Run the control in your terminal:

powerpipe control run ibm_compliance.control.cis_v100_6_2_3

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run ibm_compliance.control.cis_v100_6_2_3 --share

SQL

This control uses a named query:

vpc_security_group_restrict_ingress_rdp_all

Tags