CloudWiki
Severity: Medium

Ensure Transit Gateway 'Auto Accept Shared Attachments' is disabled

Description

AWS Transit Gateway is a regional hub that interconnects Amazon Virtual Private Clouds (VPCs) and on-premises networks (Site-to-Site VPN and Direct Connect) so that they can route traffic to each other. A transit gateway can be shared with other AWS accounts, an organizational unit or an entire organization through AWS Resource Access Manager (RAM); a principal in a shared-with account can then request to attach one of its own VPCs to the gateway. The transit gateway option "Auto accept shared attachments" (AutoAcceptSharedAttachments in the API) decides what happens to such a request. When it is enabled, every attachment request from a shared-with account is accepted automatically and the requesting VPC immediately joins the gateway's routing domain. When it is disabled (the default for a newly created transit gateway), the request stays in the "pendingAcceptance" state until the gateway owner explicitly accepts or rejects it.

With auto-accept enabled, the only control over who joins the hub is the RAM share itself. If that share is broad, for example an OU or the whole organization, any VPC owner in scope can attach without review, and a compromised or misconfigured account can place its VPC on the hub and reach whatever the gateway's route tables expose. Disabling the option keeps the owner in the approval path: each cross-account attachment becomes a deliberate decision, unwanted requests can be rejected, and the gateway owner retains control over who is connected to the shared network.

Remediation

To disable "Auto accept shared attachments" on a transit gateway from the AWS Management Console:

  1. Sign in to the AWS Management Console and open the Amazon VPC console.
  2. In the left navigation pane, choose "Transit gateways".
  3. Select the transit gateway whose option you want to change.
  4. Choose Actions, then "Modify transit gateway".
  5. Clear the "Auto accept shared attachments" check box and confirm with "Modify transit gateway".
  6. Open "Transit gateway attachments", filter for attachments in the "Pending acceptance" state, and accept or reject each one after confirming which account owns the resource. Changing the option does not affect attachments that were already accepted; review those separately and delete any that should not be there.
  7. Repeat these steps for every transit gateway, in every Region, that still has the option enabled.

Disabling the option removes the path by which a shared-with account can join the hub without review, but it is a gate for future requests only: the existing attachment list and the gateway's route tables still need to be audited. Re-check the setting periodically (for example as part of a scheduled audit of the transit gateway options) so that it is not quietly re-enabled, and keep the RAM share itself scoped to the accounts that genuinely need to attach.
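The detection and remediation described above, as an added example that is not part of the original page: a Python script that runs the audit offline over the JSON that `aws ec2 describe-transit-gateways` and `aws ec2 describe-transit-gateway-attachments` return, flags gateways with the option enabled, and builds the accept/reject decisions that become the owner's job once auto-accept is off. The two SAMPLE_* dicts are constructed to mimic the CLI output shape (the account and resource IDs are placeholders), and the trusted-account allowlist is an assumption for the example; the commands it emits (`modify-transit-gateway --options AutoAcceptSharedAttachments=disable` and the accept/reject attachment subcommands) are the real CLI calls a practitioner would run after reviewing the output.

```python
"""Audit Transit Gateway auto-accept settings and triage pending
cross-account attachments from describe-transit-gateways and
describe-transit-gateway-attachments JSON.

The SAMPLE_* dicts are constructed for this example, not real API output;
every account, gateway and attachment ID in them is a placeholder.
"""
from typing import Dict, List, Set

# Constructed sample: same shape as `aws ec2 describe-transit-gateways` output.
SAMPLE_TGWS = {
    "TransitGateways": [
        {"TransitGatewayId": "tgw-0aaa000000000001", "OwnerId": "111111111111",
         "State": "available",
         "Options": {"AmazonSideAsn": 64512, "AutoAcceptSharedAttachments": "enable"}},
        {"TransitGatewayId": "tgw-0aaa000000000002", "OwnerId": "111111111111",
         "State": "available",
         "Options": {"AmazonSideAsn": 64513, "AutoAcceptSharedAttachments": "disable"}},
        # A deleted gateway still reports its options; it is not actionable.
        {"TransitGatewayId": "tgw-0aaa000000000003", "OwnerId": "111111111111",
         "State": "deleted",
         "Options": {"AmazonSideAsn": 64514, "AutoAcceptSharedAttachments": "enable"}},
    ]
}

# Constructed sample: same shape as `aws ec2 describe-transit-gateway-attachments`.
SAMPLE_ATTACHMENTS = {
    "TransitGatewayAttachments": [
        {"TransitGatewayAttachmentId": "tgw-attach-0bbb000000000001",
         "TransitGatewayId": "tgw-0aaa000000000002", "TransitGatewayOwnerId": "111111111111",
         "ResourceOwnerId": "222222222222", "ResourceType": "vpc",
         "ResourceId": "vpc-0ccc000000000001", "State": "pendingAcceptance"},
        {"TransitGatewayAttachmentId": "tgw-attach-0bbb000000000002",
         "TransitGatewayId": "tgw-0aaa000000000002", "TransitGatewayOwnerId": "111111111111",
         "ResourceOwnerId": "999999999999", "ResourceType": "vpc",
         "ResourceId": "vpc-0ccc000000000002", "State": "pendingAcceptance"},
        {"TransitGatewayAttachmentId": "tgw-attach-0bbb000000000003",
         "TransitGatewayId": "tgw-0aaa000000000002", "TransitGatewayOwnerId": "111111111111",
         "ResourceOwnerId": "222222222222", "ResourceType": "peering",
         "ResourceId": "tgw-0ddd000000000001", "State": "pendingAcceptance"},
        {"TransitGatewayAttachmentId": "tgw-attach-0bbb000000000004",
         "TransitGatewayId": "tgw-0aaa000000000002", "TransitGatewayOwnerId": "111111111111",
         "ResourceOwnerId": "111111111111", "ResourceType": "vpc",
         "ResourceId": "vpc-0ccc000000000003", "State": "available"},
        {"TransitGatewayAttachmentId": "tgw-attach-0bbb000000000005",
         "TransitGatewayId": "tgw-0aaa000000000002", "TransitGatewayOwnerId": "111111111111",
         "ResourceOwnerId": "222222222222", "ResourceType": "direct-connect-gateway",
         "ResourceId": "dxgw-0eee000000000001", "State": "pendingAcceptance"},
    ]
}


def non_compliant_tgws(response: Dict) -> List[str]:
    """IDs of live transit gateways whose auto-accept option is 'enable'."""
    return [
        tgw["TransitGatewayId"]
        for tgw in response.get("TransitGateways", [])
        if tgw.get("State") not in ("deleting", "deleted")
        and tgw.get("Options", {}).get("AutoAcceptSharedAttachments") == "enable"
    ]


def disable_commands(tgw_ids: List[str]) -> List[str]:
    """CLI commands that flip the option to 'disable' (ModifyTransitGateway)."""
    return [
        f"aws ec2 modify-transit-gateway --transit-gateway-id {tgw_id} "
        "--options AutoAcceptSharedAttachments=disable"
        for tgw_id in tgw_ids
    ]


# Accept/reject subcommands differ by attachment type. Anything else
# (e.g. Direct Connect gateway associations, handled in the Direct Connect API)
# is left for manual review rather than guessed at.
_ACCEPT_VERB = {"vpc": "accept-transit-gateway-vpc-attachment",
                "peering": "accept-transit-gateway-peering-attachment"}
_REJECT_VERB = {"vpc": "reject-transit-gateway-vpc-attachment",
                "peering": "reject-transit-gateway-peering-attachment"}


def triage_pending(response: Dict, trusted_accounts: Set[str]) -> Dict[str, List[str]]:
    """With auto-accept off, cross-account requests wait in pendingAcceptance.
    Accept those from an allowlisted account (the allowlist is an assumption of
    this example), reject the rest, and list what needs a human decision."""
    plan: Dict[str, List[str]] = {"accept": [], "reject": [], "review": []}
    for att in response.get("TransitGatewayAttachments", []):
        if att.get("State") != "pendingAcceptance":
            continue
        att_id, rtype = att["TransitGatewayAttachmentId"], att.get("ResourceType")
        if rtype not in _ACCEPT_VERB:
            plan["review"].append(att_id)
            continue
        trusted = att.get("ResourceOwnerId") in trusted_accounts
        verb = _ACCEPT_VERB[rtype] if trusted else _REJECT_VERB[rtype]
        plan["accept" if trusted else "reject"].append(
            f"aws ec2 {verb} --transit-gateway-attachment-id {att_id}")
    return plan


if __name__ == "__main__":
    print("\n".join(disable_commands(non_compliant_tgws(SAMPLE_TGWS))))
    for bucket, items in triage_pending(SAMPLE_ATTACHMENTS, {"222222222222"}).items():
        print(bucket, items)
```

In a real run, replace the sample dicts with `json.load` of the CLI output (or the boto3 `describe_transit_gateways()` / `describe_transit_gateway_attachments()` responses, which use the same keys), run it once per Region, and treat the emitted commands as a review list rather than something to pipe straight into a shell: the allowlist decides who gets in, so it deserves the same scrutiny as the RAM share itself.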

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.