Perform an Infrastructure Audit of Security Group or SSH Key usage in your RightScale account.
Note: Currently you can only create Infrastructure Audit Reports for EC2.
Note: Under the source tab, which can represent either a range of public IP addresses or Security Groups, an IP address may have "!!" after it. This denotes that the entire world can view that IP.
You can create an Infrastructure Audit Report for the following EC2 cloud resources:
- EC2 Security Groups
- EC2 SSH Keys
EC2 Security Groups
- Navigate to: Reports > Infrastructure Audit > Security Groups
- Click Perform New Audit. You will be prompted with the option of performing an Infrastructure Audit on 'Public Ports' or 'All Ports'.
Public Ports - Create a report on all ports that are highly accessible to the public, meaning ports that allow access from subnets larger than a /24 (i.e. /0 through /23). Ports that only allow access from other security groups or from subnets of size /24 or smaller (i.e. /24 through /32) are not reported.
All Ports - Create a report on all ports to which any access is allowed. This is the most comprehensive report.
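The sketch below is an added example, not RightScale's own code. It applies the 'Public Ports' and 'All Ports' criteria described above to a constructed rule list. The rule tuple layout, the function names, IPv4-only sources, and the mapping of the "!!" marker to a /0 source are assumptions made for illustration.

```python
import ipaddress

# Constructed sample rules (not real account data). Each rule is
# (security group, protocol, port, source); the source is either an
# IPv4 CIDR block or the name of another security group.
SAMPLE_RULES = [
    ("web", "tcp", "443", "0.0.0.0/0"),
    ("web", "tcp", "22", "203.0.113.0/24"),
    ("db", "tcp", "3306", "web"),               # security-group source
    ("admin", "tcp", "22", "198.51.100.0/22"),
    ("admin", "tcp", "3389", "192.0.2.10/32"),
]

# Subnets larger than a /24, i.e. prefix lengths /0 through /23, are public.
PUBLIC_PREFIX_LIMIT = 24


def parse_source(source):
    """Return an IPv4Network for a CIDR source, or None for a group name."""
    try:
        return ipaddress.IPv4Network(source, strict=False)
    except ValueError:
        return None


def audit(rules, mode="public"):
    """Return report rows for mode 'public' (Public Ports) or 'all' (All Ports)."""
    if mode not in ("public", "all"):
        raise ValueError("mode must be 'public' or 'all'")
    report = []
    for group, proto, port, source in rules:
        net = parse_source(source)
        is_public = net is not None and net.prefixlen < PUBLIC_PREFIX_LIMIT
        if mode == "public" and not is_public:
            continue  # group sources and /24 through /32 are not reported
        # Assumption: the "!!" marker corresponds to a /0 (world-open) source.
        marker = " !!" if net is not None and net.prefixlen == 0 else ""
        report.append((group, proto, port, source + marker))
    return report


if __name__ == "__main__":
    for row in audit(SAMPLE_RULES, "public"):
        print(*row, sep="\t")
```
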
EC2 SSH Keys
- Navigate to: Reports > Infrastructure Audit > SSH Keys
- Click Perform New Audit. You will be prompted with the option of performing an Infrastructure Audit on 'Running servers' or 'All keys'.
Running servers - Create a report on all SSH keys that are used by running servers. SSH keys that are associated with inactive servers will not be listed.
All keys - Create a report on all SSH keys. This is the most comprehensive report.