Rule: Ensure Security Group Does Not Allow Inbound Traffic to TCP 27018 (MongoDB)

Rule Description:

Troubleshooting Steps (if applicable):

2. 1.
   Verify the security group configuration of the EC2 instance.
4. 2.
   Check if inbound rules exist allowing traffic to TCP port 27018 from all sources.
6. 3.
   Identify the security group that contains the problematic rule.
8. 4.
   Remove the offending inbound rule or modify it to restrict access to specific trusted sources.

Necessary Codes (if applicable):

Step-by-step Guide for Remediation:

2. 1.
   Login to the AWS Management Console.
4. 2.
   Navigate to the EC2 service.
6. 3.
   Select the appropriate EC2 instance that needs to be checked.
8. 4.
   Scroll down to the "Security" section and click on the security group ID attached to the instance.
10. 5.
    In the security group details, locate the inbound rules.
12. 6.
    Look for any rule allowing all inbound traffic to TCP port 27018.
14. 7.
    To remove the rule, click on the "Actions" button and select "Remove rule."
16. 8.
    Confirm the removal of the rule if prompted.
18. 9.
    If you want to restrict access to specific trusted sources, click on the "Actions" button and select "Edit inbound rules."
20. 10.
    Modify the existing rule to specify the desired source IP range or security group for inbound traffic to TCP port 27018.
22. 11.
    Save the new rule configuration.
24. 12.
    Verify that the unwanted inbound access to TCP port 27018 has been removed or restricted to trusted sources.
26. 13.
    Repeat the process for any other security groups associated with the EC2 instance if necessary.