Determine if there is a large number of EC2 security groups available within each AWS regions and reduce their number by removing any unnecessary or obsolete security groups. To maintain optimal access security at the instance level, Cloud Conformity recommends two threshold values of 50 (Large) and 100 (Excessive) for the maximum number of security groups available per region. Besides these two (default) values recommended, you have the capability to adjust the threshold based on your requirements.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Using a large number of EC2 security groups can increase opportunities for malicious activity as creating and managing multiple security groups can increase the risk of accidentally allowing unrestricted access.
Note: The threshold for the maximum number of security groups per AWS region set for this guide is 50 (Large).
To determine if there are more than 50 EC2 security groups available within an AWS region, perform the following:
To remove any unnecessary or obsolete EC2 security groups from an AWS region, perform the following: