Using Console
Using CLI
Replace <security-group-id> with the ID of the security group, <port-number> with the port number that is open to RFC 1918 IP addresses, and <RFC 1918 IP address range> with the appropriate RFC 1918 IP address range.

Repeat this command for each security group identified in Step 1.

Step 3: Verify that the inbound rule has been revoked.

Replace <security-group-id> with the ID of the security group.

This command will list all the inbound rules for the security group. Verify that the rule allowing inbound traffic from RFC 1918 IP addresses has been revoked.

Repeat this command for each security group identified in Step 1.

By following these steps, you can remediate the misconfiguration “Security Groups Should Not Allow Inbound Traffic From RFC 1918” for AWS using AWS CLI.

Using Python
describe_security_groups method from the boto3 library.
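The following is an added example, not code from the original page: it walks a response in the shape returned by boto3's describe_security_groups, picks out inbound rules whose source CIDR lies inside an RFC 1918 block, and builds the matching revoke_security_group_ingress request. The function names, the group IDs and the sample response are constructed for illustration; revoke_findings assumes the caller passes in a boto3 EC2 client.

```python
import ipaddress

# The three private address blocks defined by RFC 1918.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(cidr):
    """True when the whole CIDR sits inside one RFC 1918 block."""
    net = ipaddress.ip_network(cidr, strict=False)
    return any(net.subnet_of(block) for block in RFC1918)

def find_rfc1918_ingress(response):
    """Return (group_id, permission) pairs for inbound rules sourced from RFC 1918."""
    findings = []
    for sg in response.get("SecurityGroups", []):
        for perm in sg.get("IpPermissions", []):
            private = [r for r in perm.get("IpRanges", [])
                       if is_rfc1918(r["CidrIp"])]
            if not private:
                continue
            # Carry only the protocol, ports and offending ranges, so other
            # sources that share the same rule are left in place on revoke.
            revoke = {k: perm[k] for k in ("IpProtocol", "FromPort", "ToPort")
                      if k in perm}
            revoke["IpRanges"] = [{"CidrIp": r["CidrIp"]} for r in private]
            findings.append((sg["GroupId"], revoke))
    return findings

def revoke_findings(ec2, findings):
    """Revoke each finding; ec2 is a boto3 EC2 client supplied by the caller."""
    for group_id, perm in findings:
        ec2.revoke_security_group_ingress(GroupId=group_id, IpPermissions=[perm])

# Constructed sample in the describe_security_groups response shape.
SAMPLE_RESPONSE = {"SecurityGroups": [
    {"GroupId": "sg-0example1", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}, {"CidrIp": "203.0.113.0/24"}]},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0example2", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "192.168.1.0/24"}]}]},
]}

if __name__ == "__main__":
    for group_id, perm in find_rfc1918_ingress(SAMPLE_RESPONSE):
        print(group_id, perm)
```

After revoking, running find_rfc1918_ingress again on a fresh describe_security_groups response should return an empty list, which serves as the verification step.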