Missing description for security group rule.
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | ec2 |
| Provider | AWS |
Description#
Security group rules are missing descriptions, making it unclear why specific network access is allowed or denied. This lack of context complicates auditing, troubleshooting, and managing security group configurations.
Impact#
Without descriptive information, it becomes difficult to identify the purpose of each rule, increasing the risk of accidental misconfiguration or unauthorized access. This can hinder incident response and lead to security gaps going undetected.
Resolution#
Add descriptions for all security groups rules