Skip to main content

Prisma Cloud Remediation - AWS Security Groups Allows Internet Traffic To TCP Port

This Playbook is part of the Prisma Cloud by Palo Alto Networks Pack.#

Extracts the TCP public Security Groups rule and provides manual/automatic options to have the rules revoked.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

This playbook does not use any sub-playbooks.

Integrations#

  • Builtin
  • AWS - EC2

Scripts#

  • AwsEC2GetPublicSGRules

Commands#

  • aws-ec2-revoke-security-group-ingress-rule
  • aws-ec2-describe-security-groups
  • closeInvestigation

Playbook Inputs#


NameDescriptionDefault ValueRequired
AutoRevokeRuleCan be, "yes" - public security group rules will be automatically revoked, or "no" - analyst will be prompted whether or not to allow automatic removal of the rules.noRequired

Playbook Outputs#


There are no outputs for this playbook.

Playbook Image#


PrismaCloudRemediation_AWSSecurityGroupsAllowInternetTrafficToTCPPort