Security Group Egress Not Set to All Access
ID: rule:aliyun:ecs-security-group-egress-not-all-access
Severity: high
Description
Security group egress direction should not be set to allow all access (all protocols, all ports, all destinations).
Reason for Violation
The security group has an egress rule that allows all access (all protocols to all destinations), which poses a security risk.
Recommendation
Restrict egress rules to specific protocols, ports, and destination IP ranges based on actual business requirements.
Resource Types
ALIYUN::ECS::SecurityGroupALIYUN::ECS::SecurityGroupEgressALIYUN::ECS::SecurityGroupEgresses