AWS Config Rules: No Unrestricted Route to IGW
NO_UNRESTRICTED_ROUTE_TO_IGW
Eduardo Van Cauteren
Last update 5 months ago
Description: Checks if there are public routes in the route table to an Internet gateway (IGW). The rule is NON_COMPLIANT if a route to an IGW has a destination CIDR block of '0.0.0.0/0' or '::/0' or if a destination CIDR block does not match the rule parameter.
Trigger type: Configuration changes
AWS Region: All supported AWS regions
This Config rule checks whether a route table contains public routes to an Internet Gateway (IGW). A route table is marked NON_COMPLIANT when it has a route to an IGW whose destination CIDR block is '0.0.0.0/0' or '::/0'.
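The evaluation logic described above, as an added example that is not the rule's own code: it re-implements the check over constructed route-table data shaped like the output of EC2 DescribeRouteTables (all IDs and CIDRs are made up). The optional `allowed_ids` set is an assumption standing in for the rule's allow-list parameter mentioned in the description.

```python
# Added example: the NO_UNRESTRICTED_ROUTE_TO_IGW check re-implemented over
# constructed DescribeRouteTables-style records. Not AWS Config's own code.
from typing import Iterable

# Destination blocks that make a route to an IGW "unrestricted".
UNRESTRICTED_CIDRS = {"0.0.0.0/0", "::/0"}


def unrestricted_igw_routes(route_table: dict) -> list[dict]:
    """Return the routes in this table that send 0.0.0.0/0 or ::/0 to an IGW."""
    hits = []
    for route in route_table.get("Routes", []):
        gateway = route.get("GatewayId", "")
        # Only routes whose target is an Internet Gateway matter; the "local"
        # route and NAT gateway routes (NatGatewayId) are ignored.
        if not gateway.startswith("igw-"):
            continue
        dest = route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")
        if dest in UNRESTRICTED_CIDRS:
            hits.append(route)
    return hits


def evaluate(route_tables: Iterable[dict], allowed_ids: Iterable[str] = ()) -> dict:
    """Map each RouteTableId to 'COMPLIANT' or 'NON_COMPLIANT'.

    allowed_ids (assumed allow-list parameter): tables listed here may keep an
    unrestricted IGW route, e.g. the route table of a deliberately public subnet.
    """
    allowed = set(allowed_ids)
    results = {}
    for rt in route_tables:
        rt_id = rt["RouteTableId"]
        if rt_id in allowed or not unrestricted_igw_routes(rt):
            results[rt_id] = "COMPLIANT"
        else:
            results[rt_id] = "NON_COMPLIANT"
    return results


# Constructed sample data (IDs and CIDRs are fabricated for the example).
SAMPLE_ROUTE_TABLES = [
    {   # Typical public subnet: default route straight to the IGW.
        "RouteTableId": "rtb-public",
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0123456789abcdef0"},
        ],
    },
    {   # Private subnet: default route goes to a NAT gateway, not an IGW.
        "RouteTableId": "rtb-private",
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0123456789abcdef0"},
        ],
    },
    {   # IPv6 default route to the IGW is just as unrestricted as 0.0.0.0/0.
        "RouteTableId": "rtb-ipv6",
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationIpv6CidrBlock": "::/0", "GatewayId": "igw-0123456789abcdef0"},
        ],
    },
    {   # Route to the IGW limited to a specific prefix: not unrestricted.
        "RouteTableId": "rtb-restricted",
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "203.0.113.0/24", "GatewayId": "igw-0123456789abcdef0"},
        ],
    },
]


if __name__ == "__main__":
    for rt_id, status in evaluate(SAMPLE_ROUTE_TABLES).items():
        print(f"{rt_id}: {status}")
```

Running the block prints `rtb-public` and `rtb-ipv6` as NON_COMPLIANT and the other two as COMPLIANT; passing `allowed_ids={"rtb-public"}` turns the public table COMPLIANT, which is how you would exempt a subnet that is meant to be Internet-facing instead of removing its route.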
To resolve this, open the VPC service in the AWS Console, click Route Tables, find the route table that is out of compliance, and click its name.
Under the Routes tab, remove or edit the route whose destination CIDR block is 0.0.0.0/0 (or ::/0) and whose target is the Internet Gateway to make the route table compliant. Be careful when editing routes: removing the default route from a route table used by Internet-facing subnets will interrupt their connectivity.
Check the following screenshot as reference:
Want to know more about StackZone and how to make your cloud management simple and secure?
Check our how it works section with easy to follow videos or just create your own StackZone Account here