c02499a371
* Create rule S6392 * Add first draft * improve title * add last commit to this PR regarding public network access * add metadata tags * changed title * converted ask yourself into generic cloud * converted description into generic cloud * moved aws links to see * converted recommended to generic cloud * convertion of recommended -- added a special case * add cwe * add note in recommended section, not sure about this one * add another cwe * add first version of rule conversion * final rule version * removed leftover code * Update rules/S6329/description.adoc Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com> * Update rules/S6329/terraform/rule.adoc Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com> * changed case for bulleted list * improved specs after review * removed potential confusion * changed company<->organization * Update rules/S6329/ask-yourself.adoc Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com> * Update rules/S6329/description.adoc Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com> Co-authored-by: loris-s-sonarsource <loris-s-sonarsource@users.noreply.github.com> Co-authored-by: hendrik-buchwald-sonarsource <64110887+hendrik-buchwald-sonarsource@users.noreply.github.com> Co-authored-by: Nils Werner <64034005+nils-werner-sonarsource@users.noreply.github.com>
20 lines
756 B
Plaintext
20 lines
756 B
Plaintext
Enabling public network access to cloud resources can affect an organization's
|
|
ability to protect its data or internal operations from data theft or
|
|
disruption.
|
|
|
|
Depending on the component, inbound access from the Internet can be enabled
|
|
via:
|
|
|
|
* a boolean value that explicitly allows access to the public network.
|
|
* the assignment of a public IP address.
|
|
* database firewall rules that allow public IP ranges.
|
|
|
|
Deciding to allow public access may happen for various reasons such as for
|
|
quick maintenance, time saving, or by accident.
|
|
|
|
This decision increases the likelihood of attacks on the organization, such as:
|
|
|
|
* data breaches.
|
|
* intrusions into the infrastructure to permanently steal from it.
|
|
* and various malicious traffic, such as DDoS attacks.
|