AppStream is not configured with VPC

Affecting AppStream service in AWS


Severity: medium
Severity Framework: Snyk CCSS
Rule category: Network / Access Control

  • Snyk ID: SNYK-CC-00735
  • Credit: Snyk Research Team

Description

AppStream should be configured with a Virtual Private Cloud (VPC) to ensure network isolation and enhanced security. Without a VPC, AppStream instances are exposed to the public internet, increasing the risk of unauthorized access and potential data breaches. Configuring AppStream with a VPC provides a secure network environment and allows for better control over inbound and outbound traffic.

How to fix?

In the aws_appstream_stack resource, set vpce_id in the access_endpoints block to the ID of a valid interface VPC endpoint.

Example Configuration

resource "aws_appstream_stack" "example735a1" {
  name         = "example735a1"
  display_name = "example735"
  feedback_url = "https://google.com"
  redirect_url = "https://google.com"
  # Route streaming sessions through an interface VPC endpoint
  access_endpoints {
    endpoint_type = "STREAMING"
    vpce_id       = "vpce-0ecf7160e08a063e3" # ID of the interface VPC endpoint
  }
}
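
One way to check for this misconfiguration before apply, as an added example (not Snyk's rule implementation): a Python function that reads the JSON form of a Terraform plan and reports each aws_appstream_stack that has no vpce_id in access_endpoints. The resource addresses and the sample plan are constructed; the function name check_appstream_stacks and the PASS/FAIL/UNKNOWN verdicts are assumptions of this example.

```python
import json

# Constructed sample, trimmed to the fields used here; the shape follows
# `terraform show -json <planfile>` (resource_changes[].change.after).
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "aws_appstream_stack.with_vpce", "type": "aws_appstream_stack",
   "change": {"after": {"access_endpoints": [
       {"endpoint_type": "STREAMING", "vpce_id": "vpce-0123456789abcdef0"}]},
     "after_unknown": {"access_endpoints": [{}]}}},
  {"address": "aws_appstream_stack.no_block", "type": "aws_appstream_stack",
   "change": {"after": {"access_endpoints": []}, "after_unknown": {}}},
  {"address": "aws_appstream_stack.computed", "type": "aws_appstream_stack",
   "change": {"after": {"access_endpoints": [{"endpoint_type": "STREAMING"}]},
     "after_unknown": {"access_endpoints": [{"vpce_id": true}]}}},
  {"address": "aws_appstream_stack.removed", "type": "aws_appstream_stack",
   "change": {"after": null, "after_unknown": {}}},
  {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket",
   "change": {"after": {"bucket": "example"}, "after_unknown": {}}}
]}
""")


def check_appstream_stacks(plan):
    """Map each planned aws_appstream_stack address to PASS, FAIL or UNKNOWN."""
    verdicts = {}
    for rc in plan.get("resource_changes", []):
        change = rc.get("change") or {}
        after = change.get("after")
        if rc.get("type") != "aws_appstream_stack" or after is None:
            continue  # other resource types, or a stack being destroyed
        endpoints = after.get("access_endpoints") or []
        unknown = (change.get("after_unknown") or {}).get("access_endpoints")
        if any(str(e.get("vpce_id") or "").startswith("vpce-") for e in endpoints):
            verdicts[rc["address"]] = "PASS"
        elif unknown is True or any(
            isinstance(u, dict) and u.get("vpce_id") for u in unknown or []
        ):
            # vpce_id refers to an endpoint created in the same apply
            verdicts[rc["address"]] = "UNKNOWN"
        else:
            verdicts[rc["address"]] = "FAIL"
    return verdicts


if __name__ == "__main__":
    for address, verdict in check_appstream_stacks(SAMPLE_PLAN).items():
        print(f"{verdict:8}{address}")
```

UNKNOWN covers a vpce_id that is only known after apply, which a plan-time check cannot confirm; re-check those stacks against the applied state.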