Determine whether a large number of inbound and outbound rules is defined within your AWS EC2 security groups, and reduce that number by removing any unnecessary or overlapping rules. To improve performance and efficiency, Cloud Conformity recommends a default value of 50 for the maximum number of rules assigned to a security group; however, this value is configurable, so you can adjust it to your requirements.
This rule can help you with the following compliance standards:
- APRA
- MAS
This rule can help you work with the AWS Well-Architected Framework (efficiency pillar)
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Defining a large number of rules for a security group can increase the latency and impact the performance of the EC2 instances associated with the security group.
Note: The threshold for the maximum number of inbound and outbound rules set for this guide is 50 (recommended).
Audit
To determine if there are any EC2 security groups with more than 50 inbound and outbound rules defined, perform the following:
Remediation / Resolution
To remove any unnecessary or overlapping inbound/outbound rules from your EC2 security groups, perform the following:
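As an added example (not part of Cloud Conformity's guide), the following Python script applies the audit and remediation checks above to saved `aws ec2 describe-security-groups` output: it counts rules the way the AWS quota does (one per CIDR, prefix list or referenced group, not one per IpPermissions entry), flags groups over the configurable threshold, and lists CIDR pairs on the same protocol and port range where one range is already covered by the other, which are the overlapping rules the remediation targets. The sample input is constructed for the example.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` output;
# not data from a real account.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0example1", "GroupName": "web",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
      "IpRanges": [{"CidrIp": "10.0.0.0/8"}, {"CidrIp": "10.1.0.0/16"}]},
     {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}],
   "IpPermissionsEgress": [
     {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}
]}
""")

SOURCE_KEYS = ("IpRanges", "Ipv6Ranges", "PrefixListIds", "UserIdGroupPairs")

def count_rules(perms):
    """One rule per source/destination entry, matching how AWS counts toward the quota."""
    return sum(len(p.get(k, [])) for p in perms for k in SOURCE_KEYS)

def find_overlaps(perms):
    """Return (wider_cidr, narrower_cidr) pairs sharing protocol and port range;
    the narrower entry is redundant and is a candidate for revoke-security-group-*."""
    by_key = {}
    for p in perms:
        key = (p["IpProtocol"], p.get("FromPort"), p.get("ToPort"))
        cidrs = [r["CidrIp"] for r in p.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in p.get("Ipv6Ranges", [])]
        by_key.setdefault(key, []).extend(ipaddress.ip_network(c) for c in cidrs)
    overlaps = []
    for nets in by_key.values():
        for a in nets:
            for b in nets:
                if a != b and a.version == b.version and b.subnet_of(a):
                    overlaps.append((str(a), str(b)))
    return overlaps

def audit(groups, threshold=50):
    """Flag groups whose inbound + outbound rule count exceeds the threshold (default 50)."""
    findings = []
    for sg in groups:
        total = count_rules(sg["IpPermissions"]) + count_rules(sg["IpPermissionsEgress"])
        findings.append({"GroupId": sg["GroupId"], "RuleCount": total,
                         "OverThreshold": total > threshold,
                         "Overlaps": find_overlaps(sg["IpPermissions"])})
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE["SecurityGroups"]):
        print(finding)
```

Against a live account, replace `SAMPLE` with the parsed output of `aws ec2 describe-security-groups --output json`.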
References
- AWS Documentation
  - Amazon EC2 Security Groups for Linux Instances
- AWS Command Line Interface (CLI) Documentation
  - ec2
    - describe-security-groups
    - revoke-security-group-ingress
    - revoke-security-group-egress
Rule: Security Group Rules Counts
Risk level: Low