Security groups should restrict traffic to trusted IPv6 addresses

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

Security groups provide stateful filtering of ingress and egress network traffic to AWS resources. Allowing unrestricted ingress access to remote server administration ports, such as SSH (port 22) and RDP (port 3389), increases the attack surface and raises the risk of resource compromise. It is recommended to restrict access to these ports to maintain secure environments. Before making changes, ensure that administrators have alternative access to remote server administration ports.

Remediation

For guidance on modifying security groups to restrict access, refer to the AWS Security Groups documentation.