Default VPC Should Not Be In Use

More Info:

It is recommended not to using the default VPC.

Risk Level

Medium

Address

Security

Compliance Standards

GDPR, SOC2, NISTCSF

Triage and Remediation

Remediation

Using Console

Using CLI

To remediate the misconfiguration of using the Default VPC in AWS, follow these steps:

Open the AWS CLI on your local machine or in the AWS Management Console.
Run the following command to list all the VPCs in your account:
```
aws ec2 describe-vpcs
```
Identify the Default VPC in the output. The Default VPC has the isDefault attribute set to true.
Run the following command to delete the Default VPC:
```
aws ec2 delete-vpc --vpc-id <vpc-id>
```
Replace <vpc-id> with the ID of the Default VPC that you want to delete.
Confirm the deletion by entering y when prompted.
Once the Default VPC is deleted, you will need to create a new VPC and configure it according to your requirements.
```
aws ec2 create-vpc --cidr-block <cidr-block>
```
Replace <cidr-block> with the CIDR block that you want to assign to the new VPC.
Configure the VPC by adding subnets, route tables, security groups, and any other required resources.
Once the VPC is configured, launch your instances in the new VPC instead of the Default VPC.

By following these steps, you can remediate the misconfiguration of using the Default VPC in AWS.

Using Python

To remediate the “Default VPC Should Not Be In Use” misconfiguration in AWS using Python, follow these steps:

Import the necessary AWS SDK libraries for Python:

import boto3

Create a new EC2 resource object:

ec2 = boto3.resource('ec2')

Get a list of all VPCs in the AWS account:

vpcs = list(ec2.vpcs.all())

Loop through the list of VPCs and check if any of them are the default VPC:

for vpc in vpcs:
    if vpc.is_default:
        # Remediate the default VPC

If a default VPC is found, you can either delete it or modify it to remove the default status. To delete the default VPC, use the following code:

vpc.delete()

Alternatively, you can modify the default VPC to remove the default status. To do this, you need to modify the “is_default” attribute of the VPC:

vpc.modify_attribute(Default='false')

Finally, you can confirm that the default VPC has been remediated by checking the list of VPCs again:

vpcs = list(ec2.vpcs.all())
for vpc in vpcs:
    if vpc.is_default:
        print("Default VPC still exists")

This should remediate the “Default VPC Should Not Be In Use” misconfiguration in AWS using Python.

Additional Reading:

https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/default-vpc.html

AWS Introduction

AWS Pricing

AWS Threats

AWS Misconfigurations

Default VPC Should Not Be In Use

More Info:

Risk Level

Address

Compliance Standards

Triage and Remediation

Remediation

Additional Reading:

AWS Introduction

AWS Pricing

AWS Threats

AWS Misconfigurations

​More Info:

​Risk Level

​Address

​Compliance Standards

​Triage and Remediation

​Remediation

​Additional Reading:

More Info:

Risk Level

Address

Compliance Standards

Triage and Remediation

Remediation

Additional Reading: