Security groups are an essential control for protecting a resource or network in the Amazon Web Services cloud. They are rules that dictate which entities, identified by IP address and protocol, can communicate with your hosted networks and individual devices. A misconfigured rule can lead to near-fatal results by granting access to the entire internet. With open access, malicious attackers will certainly attempt to access the resource, increasing the chances of compromise by a wide margin.
The rule that indicates all connections are allowed applies to inbound traffic, meaning any and all requests sent to the resource. The following rule should not be used:
All | All | 0.0.0.0/0 |
The existence of this rule almost guarantees that an attacker will gain illicit access. For help configuring a security group, see: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html