TF 0129 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
AWS best practice to not use the default VPC for workflows
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Service | ec2 |
| Provider | AWS |
| Vulnerability Type | omission |
Description
Terraform code is creating resources within the AWS default VPC, which lacks essential security configurations found in custom VPCs. This increases the risk of insecure network exposure for deployed resources.
Impact
Using the default VPC can lead to inadequate network segmentation and insufficient security controls, making resources more vulnerable to unauthorized access or lateral movement by attackers within the AWS environment.
Resolution
Create a non-default VPC and deploy resources into it.
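
The following Terraform is an added example, not part of the original wiki entry, showing the default-VPC pattern beside a dedicated VPC. It assumes the rule flags the `aws_default_vpc` resource; all resource names, CIDR ranges and the `ami_id` variable are constructed for illustration.

```hcl
# Flagged pattern (shown commented out): adopting the account's default VPC
# and deploying workloads into it.
#
# resource "aws_default_vpc" "default" {}

# Preferred pattern: a dedicated VPC with explicit addressing.
# Names and CIDR ranges are assumptions made for this example.
resource "aws_vpc" "workload" {
  cidr_block           = "10.20.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags                 = { Name = "workload-vpc" }
}

# Private subnet: instances do not receive a public IP at launch.
resource "aws_subnet" "private" {
  vpc_id                  = aws_vpc.workload.id
  cidr_block              = "10.20.1.0/24"
  map_public_ip_on_launch = false
  tags                    = { Name = "workload-private" }
}

# Strip every rule from the new VPC's default security group, so anything
# attached to it by accident has no network access.
resource "aws_default_security_group" "locked" {
  vpc_id = aws_vpc.workload.id
}

# Explicit security group: HTTPS from inside the VPC only. No egress block is
# declared, so Terraform removes the default allow-all egress rule.
resource "aws_security_group" "app" {
  name        = "workload-app"
  description = "App tier: HTTPS from inside the VPC only"
  vpc_id      = aws_vpc.workload.id

  ingress {
    description = "HTTPS from within the VPC"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = [aws_vpc.workload.cidr_block]
  }
}

# Hypothetical input; supply an AMI ID valid in your region.
variable "ami_id" {
  type = string
}

resource "aws_instance" "app" {
  ami                    = var.ami_id
  instance_type          = "t3.micro"
  subnet_id              = aws_subnet.private.id
  vpc_security_group_ids = [aws_security_group.app.id]
}
```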