CCSS (Common Configuration Scoring System) is a set of measures used to determine the severity of the rule.
Each rule is associated with a high-level category. For example IAM, Container, Monitoring, Logging, Network, etc.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsInbound traffic is allowed to a resource from any source instead of a restricted range, and potentially everyone can access your resource.
Set cidr_block
to specific CIDR block range only, e.g. 192.168.1.0/24
.
resource "aws_network_acl_rule" "rule1" {
network_acl_id = "${aws_network_acl.nacl1.id}"
rule_number = 10
protocol = "tcp"
rule_action = "allow"
cidr_block = "192.168.1.0/24"
from_port = 22
to_port = 22
}
Set CidrBlock
to specific IP range only, e.g. 192.168.1.0/24
.