Security groups should restrict traffic to trusted IPv4 addresses

ec2
이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

Security groups provide stateful filtering of ingress and egress network traffic to AWS resources. Allowing unrestricted ingress access to remote server administration ports, such as SSH (port 22) and RDP (port 3389), increases the attack surface and raises the risk of resource compromise. It is recommended to restrict access to these ports to ensure improved security. Before making changes, ensure that administrators have alternative access to remote server administration ports.

Remediation

For guidance on modifying security groups to restrict access, refer to the AWS Security Groups documentation.