restricted-common-ports - AWS Config

restricted-common-ports

Checks whether security groups that are in use disallow unrestricted incoming TCP traffic to the specified ports.

Identifier: RESTRICTED_INCOMING_TRAFFIC

Trigger type: Configuration changes

AWS Region: All supported AWS Regions except the Europe (Milan) and Africa (Cape Town) Regions

Parameters:

blockedPort1 (Optional)
Type: int
Default: 20

Blocked TCP port number.

blockedPort2 (Optional)
Type: int
Default: 21

Blocked TCP port number.

blockedPort3 (Optional)
Type: int
Default: 3389

Blocked TCP port number.

blockedPort4 (Optional)
Type: int
Default: 3306

Blocked TCP port number.

blockedPort5 (Optional)
Type: int
Default: 4333

Blocked TCP port number.
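To pre-check security groups offline against the same port list, the following added example (not AWS's implementation of the rule, and not code from this page) evaluates ingress permissions in the shape returned by `aws ec2 describe-security-groups`. It assumes "unrestricted" means a source of 0.0.0.0/0 or ::/0 and that protocol `-1` (all traffic) includes TCP. It does not reproduce the rule's "in use" filter, and the function names and sample groups are constructed for illustration.

```python
import ipaddress

# Defaults for blockedPort1..blockedPort5, as listed on this page.
DEFAULT_BLOCKED_PORTS = (20, 21, 3389, 3306, 4333)

def _is_open_to_world(perm):
    """True if any source range covers every address (assumed meaning of 'unrestricted')."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return any(ipaddress.ip_network(c, strict=False).prefixlen == 0 for c in cidrs)

def _tcp_port_range(perm):
    """Return (low, high) of the TCP ports a permission covers, or None if not TCP."""
    proto = str(perm.get("IpProtocol"))
    if proto == "-1":  # all protocols: no FromPort/ToPort, every TCP port is covered
        return (0, 65535)
    if proto not in ("tcp", "6"):
        return None
    return (perm.get("FromPort", 0), perm.get("ToPort", 65535))

def exposed_blocked_ports(group, blocked_ports=DEFAULT_BLOCKED_PORTS):
    """Sorted blocked ports that the group's ingress rules open to any address."""
    exposed = set()
    for perm in group.get("IpPermissions", []):
        span = _tcp_port_range(perm)
        if span is None or not _is_open_to_world(perm):
            continue
        # A range such as 3000-4000 exposes every blocked port inside it.
        exposed.update(p for p in blocked_ports if span[0] <= p <= span[1])
    return sorted(exposed)

# Constructed sample data, not taken from any real account.
SAMPLE_GROUPS = [
    {"GroupId": "sg-example-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]},
    {"GroupId": "sg-example-range", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 4000,
         "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-example-all", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-example-udp", "IpPermissions": [
        {"IpProtocol": "udp", "FromPort": 21, "ToPort": 21,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]
if __name__ == "__main__":
    for g in SAMPLE_GROUPS:
        ports = exposed_blocked_ports(g)
        print(g["GroupId"], "NON_COMPLIANT" if ports else "COMPLIANT", ports)
```

The port-range and all-protocol cases are the ones most often missed in manual review: neither rule names a blocked port explicitly, yet both expose several.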

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.