Identify and remove default VPCs.
AWS creates a default Internet-facing VPC in every region. When launching new instances and other resources, if not otherwise specified it will launch into this network and potentially have Internet access. Removing the default VPC reduces the risk of inadvertently launching something with Internet access, and requires administrators and others to only use approved VPCs. Default VPCs are also commonly leveraged in attacks when the attacker is able to run their own resources.