Ensure there are no Security Groups without ingress filtering being used. Security groups provide stateful filtering of ingress/egress network traffic to AWS resources. It is recommended that no security group allows unrestricted ingress access.
Any security groups configured to allow unrestricted access can increase opportunities for malicious activity such as hacking, denial-of-service attacks, or brute-force attacks.
An inbound rule permits instances to receive traffic from the specified IPv4 or IPv6 CIDR address range, or from the instances associated with the specified security group.
To revoke the changes follow the implementation steps and delete the rule