Skip to main content

AWS - Security Group Remediation

This Playbook is part of the AWS Enrichment and Remediation Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.5.0 and later.

Replace current security groups with limited access security groups.


This playbook uses the following sub-playbooks, integrations, and scripts.


This playbook does not use any sub-playbooks.


  • AWS - EC2


  • Set


  • aws-ec2-describe-security-groups
  • aws-ec2-authorize-security-group-ingress-rule
  • aws-ec2-modify-network-interface-attribute
  • aws-ec2-create-security-group

Playbook Inputs#

NameDescriptionDefault ValueRequired
VpcIDThis is the VPC ID used for Security group creation.Required
NicIDThis is the Network interface of Ec2 instance.Required
RemediationRuleThe security group that will used for remediating internet exposures.Remediation-Security-GroupRequired

Playbook Outputs#

There are no outputs for this playbook.

Playbook Image#

AWS - Security Group Remediation