MEDIUM
Source
CloudSploit
ID
excessive-firewall-rules

Excessive Firewall Rules

Determines if there are an excessive number of firewall rules in the account

Keeping the number of firewall rules to a minimum helps reduce the attack surface of an account. Rather than creating new rules with the same rules for each project, common rules should be grouped under the same firewall rule. For example, instead of adding port 22 from a known IP to every firewall rule, create a single “SSH” firewall rule which can be used on multiple instances.

Limit the number of firewall rules to prevent accidental authorizations