Check for AWS EC2 security groups that allow unrestricted inbound and/or outbound access (0.0.0.0/0 or ::/0) on any port, common or uncommon, other than ports 80 and 443, in order to secure access at the EC2 instance level. Cloud Conformity strongly recommends access restrictions on every open port, except for the web-facing ports 80 (HTTP) and 443 (HTTPS), which may allow unrestricted inbound access only.
Implementing access restrictions at the EC2 level can protect your instances against malicious attacks such as brute-force attacks, Denial of Service (DoS) attacks and man-in-the-middle (MITM) attacks, and helps prevent compromise or loss of data. Note: If your EC2 instance requires custom access and access restrictions are already implemented at the OS level using a software firewall such as iptables or Windows Server Firewall, you can choose to disable this rule, although this is NOT recommended. Ideally, the two methods should be used to complement each other.
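As an added example (not Cloud Conformity's own code), the following Python evaluates one security group in the shape returned by the EC2 DescribeSecurityGroups API and lists the rules this check would flag: any 0.0.0.0/0 or ::/0 range, inbound or outbound, except a single-port inbound TCP rule for 80 or 443. The sample group and its sg-EXAMPLE id are constructed for the example.

```python
"""Flag security-group rules open to the world (0.0.0.0/0 or ::/0), exempting only
single-port inbound TCP 80/443. Input shape: one entry of DescribeSecurityGroups."""

UNRESTRICTED = {"0.0.0.0/0", "::/0"}
WEB_PORTS = {80, 443}

def _open_ranges(perm):
    """Yield every CIDR in a permission entry that means 'anywhere'."""
    for r in perm.get("IpRanges", []):
        if r.get("CidrIp") in UNRESTRICTED:
            yield r["CidrIp"]
    for r in perm.get("Ipv6Ranges", []):
        if r.get("CidrIpv6") in UNRESTRICTED:
            yield r["CidrIpv6"]

def _is_web_exempt(perm, direction):
    """Only inbound TCP 80 or 443 as a single-port rule is exempt; a range like 80-443 is not."""
    if direction != "inbound" or perm.get("IpProtocol") != "tcp":
        return False
    lo, hi = perm.get("FromPort"), perm.get("ToPort")
    return lo == hi and lo in WEB_PORTS

def find_unrestricted_rules(group):
    """Return (direction, protocol, from_port, to_port, cidr) tuples that violate the rule."""
    findings = []
    for direction, key in (("inbound", "IpPermissions"), ("outbound", "IpPermissionsEgress")):
        for perm in group.get(key, []):
            if _is_web_exempt(perm, direction):
                continue
            for cidr in _open_ranges(perm):  # protocol "-1" (all traffic) carries no ports
                findings.append((direction, perm.get("IpProtocol"), perm.get("FromPort"), perm.get("ToPort"), cidr))
    return findings

# Constructed sample: HTTPS open (exempt), SSH open to the IPv6 world (finding),
# MySQL restricted to a private range (fine), all egress open to the world (finding).
SAMPLE_GROUP = {
    "GroupId": "sg-EXAMPLE",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306, "IpRanges": [{"CidrIp": "10.0.0.0/8"}]},
    ],
    "IpPermissionsEgress": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ],
}

if __name__ == "__main__":
    for finding in find_unrestricted_rules(SAMPLE_GROUP):
        print(SAMPLE_GROUP["GroupId"], *finding)
```

To run it against a live account, feed each element of `describe_security_groups()["SecurityGroups"]` from boto3 to `find_unrestricted_rules`.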
Cloud Conformity provides two severity levels for this check, High and Very High, so you can set the level according to your requirements.