An AWS route table with a VPC peering connection grants overly permissive access to all traffic. Make sure that AWS route tables with VPC peering are configured so that they do not route all traffic to the peering connection.
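resource "aws_route" "igw" {
  route_table_id = aws_vpc.vpc.default_route_table_id

  # Noncompliant: this route matches every destination (0.0.0.0/0) that no
  # more specific route covers and sends it to the VPC peering connection.
  # A route towards a peer VPC should be limited to the peer's CIDR block(s)
  # so that only traffic actually meant for the peer crosses the connection.
  destination_cidr_block = "0.0.0.0/0"

  # An aws_route accepts exactly one target: gateway_id and
  # vpc_peering_connection_id are mutually exclusive in the AWS provider, so
  # the internet-gateway target that was also set on this resource is dropped.
  # The resource label "igw" is kept unchanged because other configuration may
  # reference aws_route.igw. The peering connection id is a literal example
  # value; in real configuration reference the aws_vpc_peering_connection
  # resource or a variable instead of hard-coding it.
  vpc_peering_connection_id = "pcx-45ff3dc1"
}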
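resource "aws_route" "igw" {
  route_table_id = aws_vpc.vpc.default_route_table_id

  # Compliant: only the peer VPC's address range is routed through the peering
  # connection, so traffic for any other destination is not sent to the peer.
  # The destination must be a canonical network address (host bits zero);
  # the original value 10.0.1.0/22 has host bits set and the AWS provider
  # rejects it as an invalid network address, so the /22 is written as
  # 10.0.0.0/22. Replace this with the actual CIDR block of the peer VPC.
  destination_cidr_block = "10.0.0.0/22"

  # An aws_route accepts exactly one target: gateway_id and
  # vpc_peering_connection_id are mutually exclusive in the AWS provider, so
  # the internet-gateway target that was also set on this resource is dropped.
  # The resource label "igw" is kept unchanged because other configuration may
  # reference aws_route.igw. The peering connection id is a literal example
  # value; in real configuration reference the aws_vpc_peering_connection
  # resource or a variable instead of hard-coding it.
  vpc_peering_connection_id = "pcx-45ff3dc1"
}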