report check show Command
The report check show command displays information about a security check.
Usage
report check show <check_id>
Parameters
| Parameter | Description | Required? | Default Value |
|---|---|---|---|
check_id | Check identifier | ✔️ |
Example
> report check show aws_ec2_allow_ingress_from_internet_to_ssh_port_22_ipv4
# Categories of the check. Example: ['security', 'cost']
categories:
- 'security'
- 'compliance'
# Default values for the check. Will be merged with the values from the config.
default_values: null
# Defines possible detection methods.
# `fix` defines a Fix Inventory search, `fix_cmd` a Fix Inventory CLI command.
# At least one of `fix` or `fix_cmd` must be defined.
# Additional keys can be defined on top.
detect:
fix: 'is(aws_ec2_security_group) and group_ip_permissions[*].{(ip_protocol=-1 or (from_port>=22 and to_port<=22 and ip_protocol=tcp)) and ip_ranges[*].cidr_ip="0.0.0.0/0"}'
id: 'aws_ec2_allow_ingress_from_internet_to_ssh_port_22_ipv4'
provider: 'aws'
# List of related checks.
related: []
# Remediation action for the check.
remediation:
# Remediation actions with tool as key.
# Example tools: fix_cmd, awscli, gcloud, terraform
action: null
kind: 'fix_core_report_check_remediation'
# Textual description of the remediation.
text: 'Apply Zero Trust approach. Implement a process to scan and remediate unrestricted or overly permissive network acls. Recommended best practices is to narrow the definition for the minimum ports required.'
# URL that documents the remediation action.
url: 'https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html'
# Resulting kind this check will emit. Example: aws_ec2_instance
result_kind: 'aws_ec2_security_group'
# What is the risk associated with related resources.
risk: 'If Security groups are not properly configured the attack surface is increased.'
service: 'ec2'
# Severity of the check.
severity: 'high'
# Title of the check.
title: 'Ensure no security groups allow ingress from 0.0.0.0/0 to SSH port 22.'