
Set a more restrictive cidr range

```hcl
resource "aws_security_group_rule" "good_example" {
  type        = "ingress"
  cidr_blocks = ["10.0.0.0/16"]
}

```
```hcl
resource "aws_security_group_rule" "allow_partner_rsync" {
  type              = "ingress"
  security_group_id = aws_security_group.….id
  from_port         = 22
  to_port           = 22
  protocol          = "tcp"
  cidr_blocks = [
    "1.2.3.4/32",
    "4.5.6.7/32",
  ]
}

```

#### Remediation Links
- https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule#cidr_blocks
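
To enforce the restrictive ranges shown in the examples above before `terraform apply`, the following added example (not part of defsec or the original page) scans `terraform show -json` plan output for `aws_security_group_rule` ingress rules with overly broad CIDRs. The policy (anything outside the listed private ranges that covers more than one address is flagged), the function names and the sample plan are assumptions made for illustration, not the exact logic of AVD-AWS-0107.

```python
import ipaddress

# Assumed policy for this example: internal ranges that may be broad.
PRIVATE = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]


def is_too_open(cidr):
    """True if cidr covers more than one address outside the PRIVATE ranges."""
    net = ipaddress.ip_network(cidr, strict=False)
    internal = any(net.version == p.version and net.subnet_of(p) for p in PRIVATE)
    return not internal and net.num_addresses > 1


def find_open_ingress(plan):
    """Return (resource address, cidr) pairs for ingress rules that are too broad."""
    findings = []
    for rc in plan.get("resource_changes", []):
        # "after" is null for resources being destroyed.
        after = (rc.get("change") or {}).get("after") or {}
        if rc.get("type") != "aws_security_group_rule":
            continue
        if after.get("type") != "ingress":
            continue
        blocks = (after.get("cidr_blocks") or []) + (after.get("ipv6_cidr_blocks") or [])
        findings += [(rc["address"], c) for c in blocks if is_too_open(c)]
    return findings


def _rule(name, direction, v4=None, v6=None):
    # Helper that builds one constructed resource_changes entry.
    after = {"type": direction, "cidr_blocks": v4, "ipv6_cidr_blocks": v6}
    return {"address": "aws_security_group_rule." + name,
            "type": "aws_security_group_rule", "change": {"after": after}}


# Constructed sample in the shape of `terraform show -json` plan output.
SAMPLE_PLAN = {"resource_changes": [
    _rule("good_example", "ingress", ["10.0.0.0/16"]),
    _rule("allow_partner_rsync", "ingress", ["1.2.3.4/32", "4.5.6.7/32"]),
    _rule("open_ssh", "ingress", ["0.0.0.0/0"], ["::/0"]),  # constructed bad rule
    _rule("egress_all", "egress", ["0.0.0.0/0"]),           # egress is out of scope
]}

if __name__ == "__main__":
    for address, cidr in find_open_ingress(SAMPLE_PLAN):
        print(f"{address}: ingress from {cidr} is too broad")
```

In a pipeline, load the real plan with `json.load` from the output of `terraform show -json` on a saved plan file and fail the job when `find_open_ingress` returns any findings.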