Medium

Resource is Internet facing

Security & Compliance
Description

An AWS resource is considered Internet-facing if it has a public IP address and is accessible from the internet. This means that the resource can be accessed by anyone who has the necessary permissions, including both authorized and unauthorized users. Common examples of Internet-facing AWS resources include Elastic Compute Cloud (EC2) instances, load balancers, and Amazon S3 buckets that are accessible from the internet. These resources may be necessary for hosting websites, web applications, and other services that require access from the public internet. However, Internet-facing resources also pose a security risk, as they can be targeted by malicious actors who attempt to exploit vulnerabilities and gain unauthorized access. To mitigate these risks, it is important to implement strong security measures such as access controls, network security groups, and encryption, as well as regularly monitoring and auditing the resource for potential security issues.

Remediation

To prevent AWS resources from being Internet-facing, you can take the following remediation steps:

  1. Implement a virtual private cloud (VPC): A VPC is a virtual network that allows you to create isolated environments within the AWS cloud. By deploying your resources in a VPC, you can restrict access to them and prevent them from being publicly accessible.
  2. Use private IP addresses: When creating your resources, ensure that you use private IP addresses that are not accessible from the public internet. This will help to prevent your resources from being Internet-facing.
  3. Apply security groups: Security groups are virtual firewalls that allow you to control inbound and outbound traffic to your resources. By applying security groups, you can restrict access to your resources and prevent them from being accessible from the public internet.
  4. Use network access control lists (ACLs): ACLs are another layer of security that allow you to control inbound and outbound traffic to and from your subnets. By using ACLs, you can restrict access to your resources and prevent them from being accessible from the public internet.
  5. Apply IAM policies: IAM policies allow you to control access to your AWS resources. By applying appropriate IAM policies, you can restrict access to your resources and prevent them from being accessible from the public internet.

By following these remediation steps, you can prevent your AWS resources from being Internet-facing and reduce the risk of unauthorized access and security breaches.

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.