---
names:
  full: AWS EC2 Security Group allows public IPv4 (0.0.0.0/0) access to admin ports
  contextual: Security Group allows public IPv4 (0.0.0.0/0) access to admin ports
description: "Security groups provide stateful filtering of ingress and egress network traffic to AWS resources. It is recommended that no security group allows unrestricted ingress access to remote server administration ports, such as SSH to port 22 and RDP to port 3389, using either the TCP (6), UDP (17) or ALL (-1) protocols."
type: COMPLIANCE_POLICY
categories:
  - SECURITY
frameworkMappings:
  - "/frameworks/cis-aws-v6.0.0/06/03"
  - "/frameworks/cloudaware/resource-security/network-exposure"
  - "/frameworks/aws-fsbp-v1.0.0/ec2/19"
frameworkIgnoreMappings:
  - /frameworks/cis-aws-v1.3.0/05/03
  - /frameworks/cis-aws-v1.4.0/05/03
  - /frameworks/cis-aws-v1.5.0/05/03
  - /frameworks/cis-aws-v2.0.0/05/03
  - /frameworks/cis-aws-v3.0.0/05/03
similarPolicies:
  internal:
    - dec-x-bcae85fb