Default VPC security group does not restrict all traffic

Details

This rule checks for adherence to Center for Internet Security (CIS) Recommendation 4.4, Ensure the default security group of every VPC restricts all traffic. https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf#page=138

Tags: ec2 cis