steampipe-mod-aws-compliance
[control.cis_v130_5_1] [AWS] NACL false alarm
Describe the bug
A clear and concise description of what the bug is.
Steampipe version (steampipe -v)
steampipe version 0.15.4
Plugin version (steampipe plugin list)
hub.steampipe.io/plugins/turbot/aws@latest | 0.71.0 | aws
To reproduce
steampipe check benchmark.cis_v130 --export csv
Expected behavior
acl-08babb1358fe5e8c3 contains 2 rule(s) allowing ingress to port 22 or 3389 from 0.0.0.0/0 or ::/0.
Should be OK, but I am getting this alarmed even after having a deny state for the above rule.
@sudiptsharma Thanks for using Steampipe
Sad to see this is breaking with an unexpected result. This may require a bit of testing; would it be possible to send a screenshot (omitting sensitive info from it)? I see you have provided it in the note; however, it would be good to have a screenshot of the same NACL.
Hi, @sudiptsharma; I am sorry I missed responding to this.
For the time being, the query used for this is vpc_network_acl_remote_administration.sql, which is used in cis_v130_5_1, cis_v140_5_1 and foundational_security_ec2_21.
We already have a thread regarding this issue here
I hope this helps!
@sudiptsharma Hope you are doing well! Can you please check this thread and give feedback to us?
@sudiptsharma Let us know when you review this in the future.
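
The expectation in the report rests on how network ACLs are evaluated: entries are checked in ascending rule number and the first matching entry decides. The Python below is an added example, not part of the thread and not the mod's query; it contrasts an order-blind count with a first-match evaluation. Entry dicts use the EC2 DescribeNetworkAcls field names; the function names and the two sample NACLs are constructed for illustration.

```python
# Added example (not the mod's query). Field names follow DescribeNetworkAcls;
# helper names and the sample NACLs at the bottom are constructed.
ADMIN_PORTS = (22, 3389)
ANYWHERE = ("0.0.0.0/0", "::/0")

def covers(entry, port):
    """True if the entry's protocol and port range include TCP `port`."""
    if entry["Protocol"] == "-1":            # -1 = all protocols, all ports
        return True
    if entry["Protocol"] != "6":             # 6 = TCP
        return False
    rng = entry.get("PortRange")             # assumption: no range = all ports
    return rng is None or rng["From"] <= port <= rng["To"]

def cidr_of(entry):
    return entry.get("CidrBlock") or entry.get("Ipv6CidrBlock")

def naive_allow_count(entries):
    """Order-blind count: ingress allows open to anywhere on an admin port."""
    return sum(1 for e in entries
               if not e["Egress"] and e["RuleAction"] == "allow"
               and cidr_of(e) in ANYWHERE
               and any(covers(e, p) for p in ADMIN_PORTS))

def effective_exposure(entries):
    """(cidr, port) pairs still reachable from anywhere once rule order applies."""
    ingress = sorted((e for e in entries if not e["Egress"]),
                     key=lambda e: e["RuleNumber"])
    exposed = []
    for cidr in ANYWHERE:
        for port in ADMIN_PORTS:
            # The lowest-numbered anywhere-entry covering the port decides.
            first = next((e for e in ingress
                          if cidr_of(e) == cidr and covers(e, port)), None)
            if first and first["RuleAction"] == "allow":
                exposed.append((cidr, port))
    return exposed

def rule(num, action, proto="-1", port=None, cidr="0.0.0.0/0"):
    """Build one constructed ingress entry."""
    e = {"RuleNumber": num, "RuleAction": action, "Protocol": proto,
         "Egress": False, "CidrBlock": cidr}
    if port is not None:
        e["PortRange"] = {"From": port, "To": port}
    return e

# Constructed NACLs: same entries, only the deny rule numbers differ.
DENY_FIRST = [rule(90, "deny", "6", 22), rule(91, "deny", "6", 3389),
              rule(100, "allow"), rule(32767, "deny")]
DENY_LAST = [rule(110, "deny", "6", 22), rule(111, "deny", "6", 3389),
             rule(100, "allow"), rule(32767, "deny")]
```

Both samples give the same order-blind count, but only `DENY_LAST` leaves ports 22 and 3389 reachable, because its allow entry (rule 100) is matched before the denies.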