feat(ec2_checks): add several checks for ec2 (#1268)

* feat(checks): add extra718 * feat(checks): add extra763 * feat(checks): add extra748, extra749, extra72 * feat(checks): add extra750 * feat(checks): add check45 * feat(checks): add check46, check45, check42, check41 * feat(metadata_sample): add sample of check metadata * feat(pci-group): add pci group. * feat(cloud9): environment setup. * fix(protocol): add protocol conditions Co-authored-by: sergargar <sergio@verica.io>
2026-02-11 07:15:15 +00:00 · 2022-07-26 18:21:40 -04:00
parent da76f69e51
commit 66d2b7b4d9
36 changed files with 1095 additions and 91 deletions
--- a/check_sample.metadata.json
+++ b/check_sample.metadata.json
@@ -0,0 +1,51 @@
+{
+  "Categories": [
+    "cat1",
+    "cat2"
+  ],
+  "CheckID": "ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22",
+  "CheckTitle": "Ensure no security groups allow ingress from 0.0.0.0/0 or ::/0 to SSH port 22.",
+  "CheckType": "Data Protection",
+  "Compliance": [
+    {
+      "Control": [
+        "4.1"
+      ],
+      "Framework": "CIS-AWS",
+      "Group": [
+        "level2"
+      ],
+      "Version": "1.4"
+    }
+  ],
+  "DependsOn": [
+    "othercheck1",
+    "othercheck2"
+  ],
+  "Description": "Extended Description",
+  "Notes": "additional information",
+  "Provider": "aws",
+  "RelatedTo": [
+    "othercheck3",
+    "othercheck4"
+  ],
+  "RelatedUrl": "https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html",
+  "Remediation": {
+    "Code": {
+      "CLI": "cli command or URL to the cli command location.",
+      "NativeIaC": "code or URL to the code location.",
+      "Other": "cli command or URL to the cli command location.",
+      "Terraform": "code or URL to the code location."
+    },
+    "Recommendation": {
+      "Text": "Use a Zero Trust approach. Narrow ingress traffic as much as possible. Consider north-south as well as east-west traffic.",
+      "Url": "https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-best-practices.html"
+    }
+  },
+  "ResourceIdTemplate": "arn:partition:service:region:account-id:resource-id",
+  "ResourceType": "AwsEc2SecurityGroup",
+  "Risk": "If Security groups are not properly configured the attack surface is increased.",
+  "ServiceName": "ec2",
+  "Severity": "low",
+  "SubServiceName": "securitygroup"
+}