Prisma Cloud Remediation - AWS Security Groups Allows Internet Traffic To TCP Port

Extracts the TCP public Security Groups rule and provides manual/automatic options to have the rules revoked.

Dependencies#

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks#

This playbook does not use any sub-playbooks.

Integrations#

  • Builtin
  • AWS - EC2

Scripts#

  • AwsEC2GetPublicSGRules

Commands#

  • aws-ec2-revoke-security-group-ingress-rule
  • aws-ec2-describe-security-groups
  • closeInvestigation

Playbook Inputs#

NameDescriptionDefault ValueRequired
AutoRevokeRuleCan be, "yes" - public security group rules will be automatically revoked, or "no" - analyst will be prompted whether or not to allow automatic removal of the rules.noRequired

Playbook Outputs#

There are no outputs for this playbook.

Playbook Image#

PrismaCloudRemediation_AWSSecurityGroupsAllowInternetTrafficToTCPPort

Edit this page
Report an Issue