Skip to main content
← Back to CCC Virtual Private Cloud

CCC.VPC.C02: Limit Resource Creation in Public Subnet

Control ID:CCC.VPC.C02
Title:Limit Resource Creation in Public Subnet
Objective:Restrict the creation of resources in the public subnet with direct access to the internet to minimize attack surfaces.
Control Family:
Network Security
Threats:
IDTitleDescription
CCC.VPC.TH02Exposure of Resources to Public InternetAssignment of external IP addresses to resources exposes resources to the public internet, increasing the risk of attacks such as brute force, exploitation of vulnerabilities, or unauthorized access.
NIST CSF:
PR.AC-3

Control Mappings

CCM:
SEF-05
ISO_27001:
2013 A.13.1.1
NIST_800_53:
AC-4

Test Requirements

CCC.VPC.C02.TR01:When a resource is created in a public subnet, that resource MUST NOT be assigned an external IP address by default.
TLP:
tlp_red