turbot/aws_compliance

Pipeline: Correct VPC security groups allowing ingress to port 445

Revoke VPC security group rule entries to restrict access to port 445 from 0.0.0.0/0 or ::/0.

Run the pipeline

To run this pipeline from your terminal:

flowpipe pipeline run aws_compliance.pipeline.correct_vpc_security_groups_allowing_ingress_to_port_445 \
  --arg 'items=<list(object({
    title                  = string,
    group_id               = string,
    security_group_rule_id = string,
    ip_protocol            = string,
    from_port              = number,
    to_port                = number,
    cidr_ipv4              = string,
    cidr_ipv6              = string,
    region                 = string,
    conn                   = string
  }))>'
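
The following is an added example, not part of the mod or its documentation: it filters security group rules (in the shape returned by `aws ec2 describe-security-group-rules`) down to ingress rules that open port 445 to 0.0.0.0/0 or ::/0 and maps them onto the `items` object shape above. The sample rules, the `title` format, the `conn` and `region` values, and the choice to match port ranges covering 445 and the all-protocols rule (`-1`) are assumptions, not taken from the page.

```python
import json

SMB_PORT = 445
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}

# Constructed sample shaped like `aws ec2 describe-security-group-rules` output.
SAMPLE = json.loads("""{"SecurityGroupRules": [
 {"SecurityGroupRuleId": "sgr-0aaa", "GroupId": "sg-0111", "IsEgress": false,
  "IpProtocol": "tcp", "FromPort": 445, "ToPort": 445, "CidrIpv4": "0.0.0.0/0"},
 {"SecurityGroupRuleId": "sgr-0bbb", "GroupId": "sg-0111", "IsEgress": false,
  "IpProtocol": "tcp", "FromPort": 400, "ToPort": 500, "CidrIpv6": "::/0"},
 {"SecurityGroupRuleId": "sgr-0ccc", "GroupId": "sg-0222", "IsEgress": false,
  "IpProtocol": "-1", "FromPort": -1, "ToPort": -1, "CidrIpv4": "0.0.0.0/0"},
 {"SecurityGroupRuleId": "sgr-0ddd", "GroupId": "sg-0222", "IsEgress": false,
  "IpProtocol": "tcp", "FromPort": 445, "ToPort": 445, "CidrIpv4": "10.0.0.0/8"},
 {"SecurityGroupRuleId": "sgr-0eee", "GroupId": "sg-0333", "IsEgress": true,
  "IpProtocol": "tcp", "FromPort": 445, "ToPort": 445, "CidrIpv4": "0.0.0.0/0"}
]}""")


def exposes_port_445(rule):
    """True for an ingress rule that opens port 445 to 0.0.0.0/0 or ::/0."""
    open_to_world = {rule.get("CidrIpv4"), rule.get("CidrIpv6")} & OPEN_CIDRS
    if rule.get("IsEgress") or not open_to_world:
        return False
    if rule["IpProtocol"] == "-1":  # all protocols, therefore all ports
        return True
    return (rule["IpProtocol"] in ("tcp", "udp")  # ICMP "ports" are type/code
            and rule["FromPort"] <= SMB_PORT <= rule["ToPort"])


def to_items(rules, region, conn):
    """Map matching rules onto the object shape of the pipeline's items param."""
    return [{
        "title": f'{r["GroupId"]} {r["SecurityGroupRuleId"]}',  # constructed label
        "group_id": r["GroupId"],
        "security_group_rule_id": r["SecurityGroupRuleId"],
        "ip_protocol": r["IpProtocol"],
        "from_port": r["FromPort"],
        "to_port": r["ToPort"],
        "cidr_ipv4": r.get("CidrIpv4"),  # absent CIDR stays null (assumption)
        "cidr_ipv6": r.get("CidrIpv6"),
        "region": region,
        "conn": conn,
    } for r in rules if exposes_port_445(r)]


if __name__ == "__main__":
    print(json.dumps(to_items(SAMPLE["SecurityGroupRules"], "us-east-1", "connection.aws.default"), indent=2))
```

Of the five constructed rules, only the three ingress rules open to the world are emitted; the private-CIDR rule and the egress rule are left alone.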

Use this pipeline

To call this pipeline from your pipeline, use a step:

step "pipeline" "step_name" {
  pipeline = aws_compliance.pipeline.correct_vpc_security_groups_allowing_ingress_to_port_445
  args = {
    items = <list(object({
      title                  = string,
      group_id               = string,
      security_group_rule_id = string,
      ip_protocol            = string,
      from_port              = number,
      to_port                = number,
      cidr_ipv4              = string,
      cidr_ipv6              = string,
      region                 = string,
      conn                   = string
    }))>
  }
}

Params

| Name | Type | Required | Description | Default |
| --- | --- | --- | --- | --- |
| items | list(object({ title = string, group_id = string, security_group_rule_id = string, ip_protocol = string, from_port = number, to_port = number, cidr_ipv4 = string, cidr_ipv6 = string, region = string, conn = string })) | Yes | A collection of detected resources to run corrective actions against. | - |
| notifier | notifier | Yes | The name of the notifier to use for sending notification messages. | notifier.default |
| notification_level | string (allowed values: verbose, info, error) | Yes | The verbosity level of notification messages to send. | info |
| approvers | list(notifier) | Yes | List of notifiers to be used for obtaining action/approval decisions. | notifier.default |
| default_action | string (allowed values: notify, skip, revoke_security_group_rule) | Yes | The default action to use when there are no approvers. | notify |
| enabled_actions | list(string) (allowed values: skip, revoke_security_group_rule) | Yes | The list of enabled actions approvers can select. | ["skip", "revoke_security_group_rule"] |

Outputs

This pipeline has no outputs.

Tags

category = Compliance
folder = Internal
mod = aws
service = AWS/VPC