awslabs / aws-config-rules

[Node, Python, Java] Repository of sample Custom Rules for AWS Config.
http://aws.amazon.com/config/
Creative Commons Zero v1.0 Universal

Adding test for VPCe policy tests to ensure non-default policy implemented #359

Closed belialboy closed 3 years ago

belialboy commented 3 years ago

I confirm these files are made available under CC0 1.0 Universal (https://creativecommons.org/publicdomain/zero/1.0/legalcode)

Issue #, if available:

Description of changes: This PR includes a test that checks each VPCe (Gateway and Interface) has a resource policy attached that does not allow all actions (i.e. the default). This manages several attack vectors for bad actors to use to exfiltrate data from a compromised account.
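As an added illustration of the check described in this PR (not the code submitted in the PR or the repository's own rule), the sketch below evaluates VPC endpoint policy documents and flags any that still allow all actions. The function names, the sample endpoint IDs and the choice to treat a missing or unparseable policy as non-compliant are assumptions; the record fields follow the shape of `ec2:DescribeVpcEndpoints` output.

```python
import json

# The policy AWS attaches to an endpoint when none is specified (full access).
DEFAULT_POLICY = '{"Statement":[{"Action":"*","Effect":"Allow","Resource":"*","Principal":"*"}]}'

# Constructed sample records shaped like DescribeVpcEndpoints output; IDs are made up.
SAMPLE_ENDPOINTS = [
    {"VpcEndpointId": "vpce-gw-default", "VpcEndpointType": "Gateway",
     "PolicyDocument": DEFAULT_POLICY},
    {"VpcEndpointId": "vpce-if-scoped", "VpcEndpointType": "Interface",
     "PolicyDocument": json.dumps({"Statement": {
         "Effect": "Allow", "Principal": "*",
         "Action": ["sqs:SendMessage"], "Resource": "*"}})},
    {"VpcEndpointId": "vpce-gw-mixed", "VpcEndpointType": "Gateway",
     "PolicyDocument": json.dumps({"Statement": [{
         "Effect": "Allow", "Principal": "*",
         "Action": ["s3:GetObject", "*"], "Resource": "*"}]})},
    {"VpcEndpointId": "vpce-if-nopolicy", "VpcEndpointType": "Interface"},
]

def _as_list(value):
    """Policy JSON permits a single item or a list for Statement and Action."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def allows_all_actions(policy_document):
    """True if any Allow statement grants Action "*" (conditions are not considered)."""
    policy = json.loads(policy_document) if isinstance(policy_document, str) else policy_document
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") == "Allow" and "*" in _as_list(stmt.get("Action")):
            return True
    return False

def evaluate_endpoint(endpoint):
    """Return (compliance, annotation) for one endpoint record."""
    doc = endpoint.get("PolicyDocument")
    if not doc:
        # Assumption: an endpoint with no visible policy is reported, not skipped.
        return ("NON_COMPLIANT", "no policy document returned")
    try:
        if allows_all_actions(doc):
            return ("NON_COMPLIANT", "policy allows all actions")
    except (ValueError, AttributeError):
        return ("NON_COMPLIANT", "policy document could not be parsed")
    return ("COMPLIANT", "policy restricts actions")

def evaluate_all(endpoints):
    """Map endpoint ID to its compliance result."""
    return {e["VpcEndpointId"]: evaluate_endpoint(e)[0] for e in endpoints}
```

The check is syntactic: it looks only at `Effect` and `Action`, so a policy that pairs `"Action": "*"` with a restrictive `Condition` or `Principal` is still reported.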