Remove Entries in Security Groups Which Allow DNS (TCP Port 53 and UDP Port 53) Access From Public IP

It is an AWS best practice to remove security group entries that allow DNS access from public IPs, to reduce the possibility of a breach. Allowing unrestricted DNS access can increase exposure to threats such as Denial of Service (DoS) attacks or Distributed Denial of Service (DDoS) attacks.


Trigger

Use this to initiate a workflow based on time, events or call.

Runs every day

Resource

Select the resources you want to work on.

Gets Security Groups in a specific AWS Region for EC2 service.

Filter

Enter parameters to filter resources in the workflow.

Filters the security groups that allow DNS (TCP port 53 and UDP port 53) access from public IP.

Action

Select the action to perform on resources in the workflow.

Revoke Security Group Ingress in a specific AWS Region for EC2 service.

Action

Select the action to perform on resources in the workflow.

Revoke Security Group Ingress in a specific AWS Region for EC2 service.
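
The filter and revoke steps above, sketched with boto3 as an added example (not the template's own code). It assumes "public IP" means the any-source CIDRs `0.0.0.0/0` and `::/0`, and it goes slightly beyond exact port 53 rules by also matching port ranges and all-protocol rules that cover port 53; the function names and sample group are hypothetical.

```python
PUBLIC_V4, PUBLIC_V6 = "0.0.0.0/0", "::/0"  # assumption: "public IP" = any source
DNS_PORT = 53

# Constructed sample in the shape returned by describe_security_groups.
SAMPLE_GROUP = {"GroupId": "sg-EXAMPLE", "IpPermissions": [
    {"IpProtocol": "udp", "FromPort": 53, "ToPort": 53,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}, {"CidrIp": "10.0.0.0/8"}]},
    {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 1024,
     "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 53, "ToPort": 53,
     "IpRanges": [{"CidrIp": "10.0.0.0/8"}]},
]}

def covers_dns(perm):
    """True if the rule admits TCP/UDP 53: exact, within a range, or all-protocol."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # all traffic; EC2 omits FromPort/ToPort for these rules
        return True
    if proto not in ("tcp", "udp"):
        return False
    return perm.get("FromPort", 0) <= DNS_PORT <= perm.get("ToPort", 65535)

def public_dns_revocations(group):
    """Build IpPermissions for revoke_security_group_ingress, public sources only.
    Private CIDRs on the same rule are left in place. Note that revoking a
    range rule removes the whole range for that source, not just port 53."""
    out = []
    for perm in group.get("IpPermissions", []):
        if not covers_dns(perm):
            continue
        v4 = [{"CidrIp": PUBLIC_V4} for r in perm.get("IpRanges", [])
              if r.get("CidrIp") == PUBLIC_V4]
        v6 = [{"CidrIpv6": PUBLIC_V6} for r in perm.get("Ipv6Ranges", [])
              if r.get("CidrIpv6") == PUBLIC_V6]
        if not (v4 or v6):
            continue
        rule = {k: perm[k] for k in ("IpProtocol", "FromPort", "ToPort") if k in perm}
        rule.update({k: v for k, v in (("IpRanges", v4), ("Ipv6Ranges", v6)) if v})
        out.append(rule)
    return out

def remediate(region, dry_run=True):
    import boto3  # imported here so the functions above run offline
    ec2 = boto3.client("ec2", region_name=region)
    for page in ec2.get_paginator("describe_security_groups").paginate():
        for sg in page["SecurityGroups"]:
            perms = public_dns_revocations(sg)
            if perms and not dry_run:
                ec2.revoke_security_group_ingress(GroupId=sg["GroupId"], IpPermissions=perms)
```

Run `remediate` with `dry_run=True` first and review which groups produce a non-empty revocation list before allowing it to revoke.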
