...
Login to the AWS Management Console at https://console.aws.amazon.com.
Navigate to VPC console.
In the left pane, click Security Groups.
Select the security group reported.
Click the Inbound Rules tab.
Click Edit rules.
Identify the rules to be removed.
Click the x in the Remove column.
Click Save rules.
Important:
Remediating may result in user losing SSH access, whose IP is not whitelisted in rules.
Reference:
CIS reference: CIS Amazon Web Services Foundations Benchmark v1.3.0 - 08-07-2020: Recommendation #5.2 (check 1)
...