Internet wide security groups

Description

AWS security groups should not have wildcards and be open to the world.

Open Policy Agent Rule

{
  "rego": "import data.helpers\n\nR_0012 {\n\thelpers.isSecurityGroup\n\thelpers.hasOpenIpPermissions\n}",
  "managed": true,
  "name": "Internet wide security groups",
  "severity": "HIGH",
  "description": "AWS security groups should not have wildcards and be open to the world",
  "enabled": true,
  "id": "13eb2b91-395c-4740-b44f-4da2d304c023",
  "refId": "R-0012"
}

What’s Next