Reporting Security Groups with TCP Port 22 (SSH) access from public IP

It is an AWS best practice to ensure that Security Groups don't allow unrestricted SSH access from public IPs to minimize the possibility of security breaches. An open SSH port can allow people to access your cloud through an unsecured network and increase the risk of threats such as Denial of Service (DoS) attacks or Distributed Denial of Service (DDoS) attacks. With rising security attacks, complete insight into your cloud security status becomes imperative. This is a primary item on our AWS Security checklist!

The Workflow Editor can be used to generate a report of security groups with unrestricted port 22 access. The workflow builds the list for you using the ‘security groups’ filter in the filter node, which selects the groups that have an inbound rule with the public IP range 0.0.0.0/0 as its source.

Similarly, workflows can be created to monitor and report security groups with unrestricted access to any ports. The workflow below shows the example we have taken. 
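The same filter logic, written out as an added Python example (this is not the TotalCloud workflow or its code). It assumes input shaped like the `SecurityGroups` list returned by EC2 `DescribeSecurityGroups`, uses constructed sample groups, and goes beyond the exact-match case in the text by also catching port ranges that include 22, "all traffic" rules, and the IPv6 any-address `::/0`.

```python
# Added example. Input mirrors the "SecurityGroups" list from EC2
# DescribeSecurityGroups; every group below is constructed sample data.
ANY_SOURCE = {"0.0.0.0/0", "::/0"}

def open_sources(perm, port):
    """Return the any-address CIDRs through which one rule exposes TCP `port`."""
    proto = perm.get("IpProtocol")
    if proto == "-1":
        covers = True  # "all traffic" rules carry no FromPort/ToPort
    elif proto == "tcp":
        covers = perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)
    else:
        covers = False  # not TCP, so not relevant to SSH exposure
    if not covers:
        return []
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [c for c in cidrs if c in ANY_SOURCE]

def report_open_groups(groups, port=22):
    """List groups with at least one inbound rule exposing `port` to any address."""
    findings = []
    for sg in groups:
        rules = sg.get("IpPermissions", [])
        hits = sorted({c for p in rules for c in open_sources(p, port)})
        if hits:
            findings.append({"GroupId": sg["GroupId"], "Sources": hits})
    return findings

def _rule(proto, lo=None, hi=None, v4=(), v6=()):
    """Build one constructed IpPermissions entry (helper for the sample data)."""
    perm = {"IpProtocol": proto,
            "IpRanges": [{"CidrIp": c} for c in v4],
            "Ipv6Ranges": [{"CidrIpv6": c} for c in v6]}
    if lo is not None:
        perm.update(FromPort=lo, ToPort=hi)
    return perm

SAMPLE_GROUPS = [  # constructed; the group IDs are placeholders
    {"GroupId": "sg-example-a", "IpPermissions": [_rule("tcp", 22, 22, v4=["0.0.0.0/0"])]},
    {"GroupId": "sg-example-b", "IpPermissions": [_rule("tcp", 22, 22, v4=["10.0.0.0/8"]),
                                                  _rule("udp", 22, 22, v4=["0.0.0.0/0"])]},
    {"GroupId": "sg-example-c", "IpPermissions": [_rule("tcp", 0, 1024, v6=["::/0"])]},
    {"GroupId": "sg-example-d", "IpPermissions": [_rule("-1", v4=["0.0.0.0/0"])]},
    {"GroupId": "sg-example-e", "IpPermissions": [_rule("tcp", 443, 443, v4=["0.0.0.0/0"])]},
]

if __name__ == "__main__":
    for finding in report_open_groups(SAMPLE_GROUPS):
        print(finding["GroupId"], "exposes tcp/22 to", ", ".join(finding["Sources"]))
```

Passing a different `port` value reports groups open on that port instead, which corresponds to the "any ports" variant mentioned above.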


