On August 31, AWS announced the ability to add descriptions to individual security group rules. Previously, descriptive text was only available on the security group itself, so without any surrounding context it was hard to quickly recognize the purpose of a single rule.
Security group rules are identified by type, protocol, port range and source. For example, you could be looking at a rule that reads SSH, TCP, 22, 18.104.22.168/32, but it is very hard to tell where it came from, who created it, or what it is for. This is like looking for someone in a crowd while knowing only their social security number, blood type and date of birth: accurate identifiers, but useless for recognizing the person. As it turns out, this particular rule shows someone opened SSH from a public WiFi access point at a Starbucks in Chicago!
In response to this new feature, DivvyCloud created an audit bot that quickly locates security group rules that do not have descriptions. Maintaining and cleaning up these rules is a big concern for organizations, and an automated way to find undocumented rules saves a great deal of time and protects the cloud infrastructure more efficiently.
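As an added illustration of that audit (example code, not DivvyCloud's bot), the following walks the data structure returned by EC2's DescribeSecurityGroups and reports every rule whose Description is missing or blank, identifying each rule by the same type/protocol/port/source tuple the post describes. The sample groups are constructed; in a real account the same structure comes from the EC2 API.

```python
# Constructed sample in the shape returned by EC2 DescribeSecurityGroups
# (not a real account). The first ingress rule is the post's SSH example.
SAMPLE_GROUPS = [{
    "GroupId": "sg-0123456789abcdef0",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "18.104.22.168/32"}],  # no Description
         "Ipv6Ranges": [], "UserIdGroupPairs": [], "PrefixListIds": []},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0", "Description": "Public HTTPS"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}],  # IPv6 side left undescribed
         "UserIdGroupPairs": [], "PrefixListIds": []},
    ],
    "IpPermissionsEgress": [
        {"IpProtocol": "-1",  # all traffic: no FromPort/ToPort in the response
         "IpRanges": [], "Ipv6Ranges": [], "PrefixListIds": [],
         "UserIdGroupPairs": [{"GroupId": "sg-0fedcba9876543210",
                               "Description": "to app tier"}]},
    ],
}]

# Each source list inside a permission, with the field that names the source.
SOURCE_FIELDS = (("IpRanges", "CidrIp"), ("Ipv6Ranges", "CidrIpv6"),
                 ("UserIdGroupPairs", "GroupId"), ("PrefixListIds", "PrefixListId"))


def port_range(perm):
    """Render the port range the way the console does ('all', '22', '1024-65535')."""
    if perm.get("IpProtocol") == "-1":
        return "all"
    lo, hi = perm.get("FromPort"), perm.get("ToPort")
    return str(lo) if lo == hi else f"{lo}-{hi}"


def find_undescribed_rules(groups):
    """Return one finding (group, direction, protocol, ports, source) per rule
    whose Description is missing or blank. A permission with several sources is
    several rules, and each source entry carries its own Description."""
    findings = []
    for group in groups:
        for direction, key in (("ingress", "IpPermissions"),
                               ("egress", "IpPermissionsEgress")):
            for perm in group.get(key, []):
                for list_key, name_field in SOURCE_FIELDS:
                    for entry in perm.get(list_key, []):
                        if not entry.get("Description", "").strip():
                            findings.append((group["GroupId"], direction,
                                             perm["IpProtocol"], port_range(perm),
                                             entry[name_field]))
    return findings
```

Running it on the sample reports the SSH rule and the undescribed IPv6 half of the HTTPS rule, while the described egress rule passes.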
When the time comes to audit these rules, it can be almost impossible to tell whether a rule is still needed, what it was for, or whether it poses a risk to the organization. This is especially problematic for organizations juggling thousands or tens of thousands of security group rules. Rule descriptions are intended to greatly reduce operator error during auditing and security management.
To learn more about this and other features DivvyCloud offers, visit www.divvycloud.staging.wpengine.com.