This application takes a list of instances as its parameter, then goes through each of them and removes vulnerable rules. In general, any inbound rule that accepts any client (0.0.0.0) would be removed.
At the moment the application only removes inbound rules that accept the 0.0.0.0 client on port 22, but more rules can be added to the filter. To do this, add a new rule as a tuple to the TARGET_TO_REMOVE constant in instance.py:
e.g.:
TARGET_TO_REMOVE = [('inbound', '0.0.0.0/0', 22), ('outbound', '0.0.0.0/0', 22)]
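An added example (not the project's own code) of how the tuples in TARGET_TO_REMOVE could be matched against an instance's rules, including rules whose port range contains the target port. The rule dictionary layout, the function names and the sample instance are assumptions made for illustration.

```python
# Added example: the rule layout and helper names are hypothetical,
# not taken from the project's instance.py.
from ipaddress import ip_network

TARGET_TO_REMOVE = [('inbound', '0.0.0.0/0', 22)]

# Constructed sample input: one instance with five rules.
SAMPLE_INSTANCES = [
    {'id': 'i-example-1', 'rules': [
        {'direction': 'inbound', 'cidr': '0.0.0.0/0', 'from_port': 22, 'to_port': 22},
        {'direction': 'inbound', 'cidr': '0.0.0.0/0', 'from_port': 443, 'to_port': 443},
        {'direction': 'inbound', 'cidr': '0.0.0.0/0', 'from_port': 0, 'to_port': 65535},
        {'direction': 'inbound', 'cidr': '10.0.0.0/8', 'from_port': 22, 'to_port': 22},
        {'direction': 'outbound', 'cidr': '0.0.0.0/0', 'from_port': 22, 'to_port': 22},
    ]},
]


def rule_matches(rule, target):
    """True if `rule` exposes the target port to the target CIDR in that direction."""
    direction, cidr, port = target
    if rule['direction'] != direction:
        return False
    # Compare parsed networks so equivalent spellings of a CIDR match.
    if ip_network(rule['cidr']) != ip_network(cidr):
        return False
    # A range such as 0-65535 still exposes port 22, so it counts as a match.
    return rule['from_port'] <= port <= rule['to_port']


def split_rules(rules, targets=TARGET_TO_REMOVE):
    """Partition rules into (kept, removed) according to the target tuples."""
    kept, removed = [], []
    for rule in rules:
        hit = any(rule_matches(rule, t) for t in targets)
        (removed if hit else kept).append(rule)
    return kept, removed


def filter_instances(instances, targets=TARGET_TO_REMOVE):
    """Map each instance id to its (kept, removed) rule lists."""
    return {i['id']: split_rules(i['rules'], targets) for i in instances}


if __name__ == '__main__':
    for inst_id, (kept, removed) in filter_instances(SAMPLE_INSTANCES).items():
        print(inst_id, 'kept:', len(kept), 'removed:', len(removed))
```

Removing a whole range rule also closes the other ports in that range, so review the removed list before applying it to a live instance.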
This application uses pytest as a testing tool.
### Application
python main.py
### Testing
python3 -m pytest tests
### Or with Docker
docker-compose up
This will print out the filtered rules. We can modify the parameters by adding more rules