Soak Testing Environment

We configured AWS Config rules in our test environment to represent our ideal configuration settings. The rule we are currently using, vpc-default-security-group-closed, checks that the default security group of any VPC does not allow inbound or outbound traffic. If we navigate to the AWS Config console, we can see our non-compliant rule:

[Image: non-compliant]

Our default security group is too permissive. Let’s close it down. First, click on the security group ID to go to the VPC Management Console. The default security group looks something like this:

[Image: compliant]

Click on “Edit inbound rules” and delete the rule. After this, do the same for the Outbound rules. Going back to the Config console, click on “Re-evaluate” and watch the rule become compliant!

[Image: compliant]
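The console steps above can also be scripted. The following is an added example, not part of the original walkthrough: it plans which rules to revoke from a `describe_security_groups` response and then triggers a re-evaluation of the Config rule. The sample response and its IDs are constructed, and the function names `plan_lockdown` and `apply_lockdown` are hypothetical.

```python
RULE_NAME = "vpc-default-security-group-closed"  # Config rule named on the page

# Constructed sample shaped like an ec2.describe_security_groups() response.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-0example0default", "GroupName": "default", "VpcId": "vpc-0example",
     "IpPermissions": [{"IpProtocol": "-1",
                        "UserIdGroupPairs": [{"GroupId": "sg-0example0default"}]}],
     "IpPermissionsEgress": [{"IpProtocol": "-1",
                              "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0example0web", "GroupName": "web", "VpcId": "vpc-0example",
     "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                        "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
     "IpPermissionsEgress": []},
]}


def plan_lockdown(response):
    """Return (direction, group_id, permissions) for every open default group."""
    plan = []
    for sg in response["SecurityGroups"]:
        if sg["GroupName"] != "default":
            continue  # the rule only evaluates VPC default security groups
        for direction, key in (("ingress", "IpPermissions"),
                               ("egress", "IpPermissionsEgress")):
            if sg.get(key):  # skip directions that are already empty
                plan.append((direction, sg["GroupId"], sg[key]))
    return plan


def apply_lockdown(plan, ec2, config):
    """Revoke the planned rules, then ask AWS Config to re-evaluate the rule."""
    for direction, group_id, perms in plan:
        revoke = (ec2.revoke_security_group_ingress if direction == "ingress"
                  else ec2.revoke_security_group_egress)
        revoke(GroupId=group_id, IpPermissions=perms)
    if plan:
        config.start_config_rules_evaluation(ConfigRuleNames=[RULE_NAME])


if __name__ == "__main__":
    import boto3  # only needed when run against a real (test) account
    ec2, config = boto3.client("ec2"), boto3.client("config")
    live = ec2.describe_security_groups(
        Filters=[{"Name": "group-name", "Values": ["default"]}])
    apply_lockdown(plan_lockdown(live), ec2, config)
```

Printing the result of `plan_lockdown` before calling `apply_lockdown` gives a dry run of exactly what would be revoked.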

We are now ready to approve our commit to production.

[Image: approve]