Skip to main content

AWS - Security Group Remediation

This Playbook is part of the AWS Enrichment and Remediation Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.5.0 and later.

Replace current security groups with limited access security groups.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

This playbook does not use any sub-playbooks.

Integrations#

  • AWS - EC2

Scripts#

  • Set

Commands#

  • aws-ec2-describe-security-groups
  • aws-ec2-authorize-security-group-ingress-rule
  • aws-ec2-modify-network-interface-attribute
  • aws-ec2-create-security-group

Playbook Inputs#


NameDescriptionDefault ValueRequired
VpcIDThis is the VPC ID used for Security group creation.Required
NicIDThis is the Network interface of Ec2 instance.Required
RemediationRuleThe security group that will used for remediating internet exposures.Remediation-Security-GroupRequired

Playbook Outputs#


There are no outputs for this playbook.

Playbook Image#


AWS - Security Group Remediation