AWS route table with VPC peering overly permissive to all traffic

Description

This policy identifies VPC route tables with VPC peering connection which are overly permissive to all traffic. Being highly selective in peering routing tables is a very effective way of minimizing the impact of breach as resources outside of these routes are inaccessible to the peered VPC.

Code Example

{
 "resource "aws_route" "aws_route_pass_1" {
  route_table_id            = "rtb-4fbb3ac4"
  destination_cidr_block    = "10.0.1.0/22"
  vpc_peering_connection_id = "pcx-45ff3dc1"
}

",
}

Remediation

Terraform

Rule Details

Field	Value
ID	IAC-0478
Severity	LOW
IaC Type	Terraform
Frameworks	Terraform
Checkov ID	CKV2_AWS_44

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

AWS route table with VPC peering overly permissive to all traffic

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

AWS route table with VPC peering overly permissive to all traffic ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

AWS route table with VPC peering overly permissive to all traffic

Description

Code Example

Remediation

Rule Details

References