AWS-SecurityGroup-Unused-Security-Group

Severity : Info

Description: This controls ensures that security group in every VPC are attached to resources. Unused security group with rules to allow traffic may be misused by attaching to resources to access illegally. Also unused security groups are still counted towards the limit on number of groups allowed for VPC.  It is recommended that unused security group should be deleted.

Remediation Steps:

Perform following to modify the default security group for VPC:

1. Login to the AWS Management Console at https://console.aws.amazon.com.

2. Navigate to VPC services.

3. In navigation, Select Security Groups under Security.

4. Check the checkbox in front of group reported.

5. In Actions, Select Delete Security Groups.

6. Select Delete to remove group from the VPC.

Important:

Reference:

• Control traffic to your AWS resources using security groups - Amazon Virtual Private Cloud