Determine if there is a large number of EC2 security groups available within each AWS regions and reduce their number by removing any unnecessary or obsolete security groups. To maintain optimal access security at the instance level, Cloud Conformity recommends two threshold values of 50 (Large) and 100 (Excessive) for the maximum number of security groups available per region. Besides these two (default) values recommended, you have the capability to adjust the threshold based on your requirements.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Using a large number of EC2 security groups can increase opportunities for malicious activity as creating and managing multiple security groups can increase the risk of accidentally allowing unrestricted access.
Note: The threshold for the maximum number of security groups per AWS region set for this guide is 50 (Large).
To determine if there are more than 50 EC2 security groups available within an AWS region, perform the following:
Remediation / Resolution
To remove any unnecessary or obsolete EC2 security groups from an AWS region, perform the following:
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Security Group Excessive Counts
Risk level: Medium