CCC.VPC.C02: Limit Resource Creation in Public Subnet
Objective:Restrict the creation of resources in the public subnet with
direct access to the internet to minimize attack surfaces.
Control Family:
Network Security
Threats:
| ID | Title | Description |
|---|---|---|
| CCC.VPC.TH02 | Exposure of Resources to Public Internet | Assignment of external IP addresses to resources exposes resources to the public internet, increasing the risk of attacks such as brute force, exploitation of vulnerabilities, or unauthorized access. |
NIST CSF:
PR.AC-3
Control Mappings
CCM:
SEF-05
ISO_27001:
2013 A.13.1.1
NIST_800_53:
AC-4
Test Requirements
CCC.VPC.C02.TR01:When a resource is created in a public subnet, that resource
MUST NOT be assigned an external IP address by default.
TLP:
tlp_red