restricted-common-ports - Amazon Config
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

restricted-common-ports

Checks whether the security groups in use disallow unrestricted incoming TCP traffic to the specified ports. The rule is COMPLIANT when the source IP addresses for inbound TCP connections to the specified ports are restricted. This rule applies only to IPv4.

Identifier: RESTRICTED_INCOMING_TRAFFIC

Trigger type: Configuration changes

Amazon Web Services Region: All supported Amazon Regions except the Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Osaka), and Europe (Milan) Regions

Parameters:

blockedPort1 (Optional)
Type: int
Default: 20

Blocked TCP port number.

blockedPort2 (Optional)
Type: int
Default: 21

Blocked TCP port number.

blockedPort3 (Optional)
Type: int
Default: 3389

Blocked TCP port number.

blockedPort4 (Optional)
Type: int
Default: 3306

Blocked TCP port number.

blockedPort5 (Optional)
Type: int
Default: 4333

Blocked TCP port number.
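
The following Python code is an added example, not AWS code and not part of the original page. It approximates the check described above over security group data in the shape returned by EC2 DescribeSecurityGroups. It assumes that "unrestricted" means the source CIDR 0.0.0.0/0 and that an all-protocols ("-1") entry covers TCP; the function names and sample groups are constructed for illustration.

```python
# Added example: approximates the rule's check offline; not AWS's implementation.
# Defaults are the blockedPort1..blockedPort5 defaults listed on this page.
DEFAULT_BLOCKED_PORTS = (20, 21, 3389, 3306, 4333)
OPEN_IPV4 = "0.0.0.0/0"  # assumption: "unrestricted" means this source CIDR


def covers_port(permission, port):
    """True if an IpPermissions entry applies to the given TCP port."""
    proto = permission.get("IpProtocol")
    if proto == "-1":  # all protocols and all ports (assumed to include TCP)
        return True
    if proto not in ("tcp", "6"):
        return False
    lo = permission.get("FromPort", 0)
    hi = permission.get("ToPort", 65535)
    return lo <= port <= hi


def evaluate_group(group, blocked_ports=DEFAULT_BLOCKED_PORTS):
    """Return (compliance, sorted list of blocked ports open to 0.0.0.0/0)."""
    exposed = set()
    for perm in group.get("IpPermissions", []):
        # Only IPv4 ranges are inspected, matching the rule's stated scope.
        cidrs = {r.get("CidrIp") for r in perm.get("IpRanges", [])}
        if OPEN_IPV4 not in cidrs:
            continue
        exposed.update(p for p in blocked_ports if covers_port(perm, p))
    status = "NON_COMPLIANT" if exposed else "COMPLIANT"
    return status, sorted(exposed)


# Constructed sample data (hypothetical group IDs).
SAMPLE_GROUPS = [
    {"GroupId": "sg-example-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": OPEN_IPV4}]}]},
    {"GroupId": "sg-example-range", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 4000,
         "IpRanges": [{"CidrIp": OPEN_IPV4}]}]},
    {"GroupId": "sg-example-db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]

if __name__ == "__main__":
    for g in SAMPLE_GROUPS:
        print(g["GroupId"], *evaluate_group(g))
```

The second sample group shows why port ranges matter: a 3000-4000 range open to 0.0.0.0/0 exposes both 3306 and 3389 even though neither port is named in the entry.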

Amazon CloudFormation template

To create Amazon Config managed rules with Amazon CloudFormation templates, see Creating Amazon Config Managed Rules With Amazon CloudFormation Templates.