Created
November 30, 2020 14:57
-
-
Save nbeguier/4900524692309d77db9eb78624240423 to your computer and use it in GitHub Desktop.
AWS Tower - Rule to detect all port
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "message": { | |
| "text": "[{name}] Allow connection to all port from public network ({source}=>{ports})", | |
| "args": { | |
| "name": { | |
| "type": "variable", | |
| "variable": "sg_name" | |
| }, | |
| "source": { | |
| "type": "variable", | |
| "variable": "source" | |
| }, | |
| "ports": { | |
| "type": "variable", | |
| "variable": "ports" | |
| } | |
| } | |
| }, | |
| "rules": [ | |
| { | |
| "type": "in", | |
| "description": "Check if variable_in is in value_in", | |
| "conditions": [ | |
| { | |
| "type": "constant", | |
| "name": "data_element", | |
| "value": "all" | |
| } | |
| ], | |
| "data_sources": [ | |
| { | |
| "type": "variable", | |
| "name": "data_list", | |
| "value": "ports" | |
| } | |
| ] | |
| }, | |
| { | |
| "type": "is_private_cidr", | |
| "description": "Check if source is not a private CIDR block - RFC 1918", | |
| "conditions": [ | |
| { | |
| "type": "constant", | |
| "name": "is_private_cidr", | |
| "value": false | |
| } | |
| ], | |
| "data_sources": [ | |
| { | |
| "type": "variable", | |
| "name": "source", | |
| "value": "source" | |
| } | |
| ] | |
| } | |
| ], | |
| "severity": "high" | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment