HIGH
Source: Trivy
ID: AVD-AWS-0101

AWS best practice to not use the default VPC for workflows

The default VPC lacks many of the critical security features that a standard VPC comes with. New resources should not be created in the default VPC, and it should not be present in the Terraform.

Impact

Follow the appropriate remediation steps below to resolve the issue.

Create a non-default VPC for resources to be created in.

# no aws default vpc present
resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}
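
The flagged pattern beside a compliant layout, as an added example that is not part of the original page. It goes one step further than the snippet above by pinning a workload to the new VPC; the resource names, CIDR ranges and the `ami_id` variable are assumptions.

```terraform
# Added example, not from the original page. Resource names, CIDRs and
# var.ami_id are assumptions chosen for illustration.

# FLAGGED: brings the account's default VPC into Terraform. Remove this block.
resource "aws_default_vpc" "default" {
  tags = {
    Name = "Default VPC"
  }
}

# COMPLIANT: a dedicated VPC that workloads are placed into explicitly.
resource "aws_vpc" "main" {
  cidr_block           = "10.0.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
}

resource "aws_subnet" "private_a" {
  vpc_id                  = aws_vpc.main.id
  cidr_block              = "10.0.1.0/24"
  map_public_ip_on_launch = false # instances get no public IP by default
}

resource "aws_security_group" "app" {
  name_prefix = "app-"
  description = "App tier; no ingress rules defined"
  vpc_id      = aws_vpc.main.id # bind the group to the non-default VPC
}

variable "ami_id" {
  type        = string
  description = "AMI to launch (placeholder input)"
}

resource "aws_instance" "app" {
  ami           = var.ami_id
  instance_type = "t3.micro"

  # Without subnet_id, EC2 places the instance in a default subnet of the
  # default VPC when one exists, so set it on every workload.
  subnet_id              = aws_subnet.private_a.id
  vpc_security_group_ids = [aws_security_group.app.id]
}
```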