nccgroup / Scout2

Security auditing tool for AWS environments
http://nccgroup.github.io/Scout2/
GNU General Public License v2.0

Missing args in AWSScout2/rules/data/rulesets/default.json #257

Closed (benghaun closed 6 years ago)

benghaun commented 6 years ago

For the default rulesets json file, the "vpc-subnet-with-default-acls.json" rule seems to be missing arguments. Looking at vpc-subnet-with-default-acls.json in AWSScout2/rules/data/findings shows that it expects 2 arguments, which are [ "Direction of traffic (ingress or egress)", "Corresponding target (source or destination)" ].

x4v13r64 commented 6 years ago

Correct, nice find - I'll fix this soon. Will also lower from Danger to Warning.

Additionally, I'm seeing that in the subnet view, you don't see what ACL is actually associated with the subnet (you have to go in the ACL view to find associated subnets). Will consider adding this.
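
A check for the mismatch reported in this issue, as an added example (not Scout2's own code and not from either commenter): it compares the number of `args` each ruleset entry supplies with the number of argument names its finding file declares. The key names `rules`, `args` and `arg_names`, the dict layout, and the two `example-rule-*` filenames are assumptions; all sample data is constructed.

```python
import json

# Constructed sample data. The key names ("rules", "args", "arg_names") and the
# overall layout are assumptions for illustration, not copied from Scout2.
SAMPLE_RULESET = json.loads("""
{
  "rules": {
    "vpc-subnet-with-default-acls.json": [
      {"enabled": true, "level": "danger"}
    ],
    "example-rule-with-args.json": [
      {"enabled": true, "level": "warning", "args": ["ingress", "source"]},
      {"enabled": true, "level": "warning", "args": ["egress"]}
    ],
    "example-rule-not-on-disk.json": [
      {"enabled": true, "level": "warning"}
    ]
  }
}
""")

# Finding definitions keyed by filename (hypothetical in-memory stand-in for the
# files under the findings directory).
SAMPLE_FINDINGS = {
    "vpc-subnet-with-default-acls.json": {"arg_names": [
        "Direction of traffic (ingress or egress)",
        "Corresponding target (source or destination)"]},
    "example-rule-with-args.json": {"arg_names": ["Direction", "Target"]},
}

def find_arg_mismatches(ruleset, findings):
    """Return (filename, entry_index, expected, supplied) for each bad entry.

    expected is None when the ruleset references a finding that was not loaded.
    """
    problems = []
    for filename, entries in sorted(ruleset.get("rules", {}).items()):
        finding = findings.get(filename)
        for index, entry in enumerate(entries):
            supplied = len(entry.get("args", []))
            expected = None if finding is None else len(finding.get("arg_names", []))
            if expected is None or supplied != expected:
                problems.append((filename, index, expected, supplied))
    return problems

if __name__ == "__main__":
    for name, idx, expected, supplied in find_arg_mismatches(SAMPLE_RULESET, SAMPLE_FINDINGS):
        print(f"{name}[{idx}]: expects {expected} args, ruleset supplies {supplied}")
```

Run against a real ruleset, a check like this can gate ruleset changes in CI so that an entry with missing arguments is caught before an audit runs with it.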