Control: AWS > CIS v1 > 4 Networking > 4.01 Ensure no security groups allow ingress from 0.0.0.0/0 to port 22 (Scored)

Configures auditing against a CIS Benchmark item.

Level: 1 (Scored)

Security groups provide stateful filtering of ingress/egress network traffic to AWS resources. It is recommended that no security group allows unrestricted ingress access to port 22 .

Resource Types

This control targets the following resource types:

AWS > VPC > Security Group

Primary Policies

The following policies can be used to configure this control:

4.01 Ensure no security groups allow ingress from 0.0.0.0/0 to port 22 (Scored)

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-cisv1#/control/types/r0401

Category URI

tmod:@turbot/cis#/control/categories/v070902

GraphQL

query controlType(id: "tmod:@turbot/aws-cisv1#/control/types/r0401") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-cisv1#/control/types/r0401'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-cisv1#/control/types/r0401"