Skip to main content

πŸ’Ό Public and Anonymous Access

  • Contextual name: πŸ’Ό Public and Anonymous Access
  • ID: /frameworks/cloudaware/resource-security/public-and-anonymous-access
  • Located in: πŸ’Ό Resource Security

Description​

Policies for identifying, managing, and restricting access to publicly available resources.

Similar​

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (24)​

PolicyLogic CountFlags
πŸ“ AWS EC2 Security Group allows public IPv4 (0.0.0.0/0) access to admin ports 🟒1🟒 x6
πŸ“ AWS EC2 Security Group allows public IPv6 (::/0) access to admin ports 🟒1🟒 x6
πŸ“ AWS RDS Instance is publicly accessible and in an unrestricted public subnet 🟒1🟒 x6
πŸ“ AWS RDS Snapshot is publicly accessible 🟒1🟒 x6
πŸ“ AWS S3 Bucket is not configured to block public access 🟒1🟒 x6
πŸ“ AWS VPC Network ACL exposes admin ports to public internet ports 🟒1🟒 x6
πŸ“ Azure Cosmos DB Account Virtual Network Filter is not enabled 🟒1🟒 x6
πŸ“ Azure Managed Disk Public Network Access is not disabled 🟒1🟒 x6
πŸ“ Azure Network Security Group allows unrestricted HTTP(S) access from the Internet 🟒1🟒 x6
πŸ“ Azure Network Security Group allows unrestricted RDP access from the Internet 🟒1🟒 x6
πŸ“ Azure Network Security Group allows unrestricted SSH access from the Internet 🟒1🟒 x6
πŸ“ Azure Network Security Group allows unrestricted UDP access from the Internet 🟒1🟒 x6
πŸ“ Azure Public IP Addresses are not evaluated periodically 🟒🟒 x3
πŸ“ Azure SQL Database allows ingress from 0.0.0.0/0 (ANY IP) 🟒1🟒 x6
πŸ“ Azure SQL Server Public Network Access is not disabled 🟒1🟒 x6
πŸ“ Azure Storage Account Allow Blob Anonymous Access is set enabled 🟒1🟒 x6
πŸ“ Azure Storage Account Default Network Access Rule is not set to Deny 🟒1🟒 x6
πŸ“ Azure Storage Account Public Network Access is not disabled 🟒1🟒 x6
πŸ“ Google BigQuery Dataset is anonymously or publicly accessible 🟒1🟒 x6
πŸ“ Google Cloud SQL Instance External Authorized Networks do not whitelist all public IP addresses 🟒1🟒 x6
πŸ“ Google Cloud SQL Instance has public IP addresses 🟒1🟒 x6
πŸ“ Google GCE Instance has a public IP address 🟒1🟒 x6
πŸ“ Google KMS Crypto Key is anonymously or publicly accessible 🟠🟒🟠 x1, 🟒 x3
πŸ“ Google Storage Bucket is anonymously or publicly accessible 🟒1🟒 x6