Identify and remove default VPCs.
AWS creates a default Internet-facing VPC in every region. When launching new instances and other resources, if not otherwise specified it will launch into this network and potentially have Internet access. Removing the default VPC reduces the risk of inadvertently launching something with Internet access, and requires administrators and others to only use approved VPCs. Default VPCs are also commonly leveraged in attacks when the attacker is able to run their own resources.
Supported Issue Types:
A default VPC was found
- A default VPC was found in the region _ region name_.
- Remove the VPC
We spend a lot of time talking to cloud security professionals, basically trying to figure out the best ways to get their jobs done in largely uncharted territory. Cloud technology is evolving at an unprecedented [...]
In Quick and Dirty: Building an S3 guardrail with Config we highlighted one of the big problems with Config: you need to set it up in each region of each account. Your best bet to make [...]